last executing test programs: 524.702339ms ago: executing program 3 (id=4): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 337.237287ms ago: executing program 2 (id=3): perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 0s ago: executing program 0 (id=1): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801004800000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.240' (ED25519) to the list of known hosts. [ 74.065604][ T5757] cgroup: Unknown subsys name 'net' [ 74.230196][ T5757] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.849801][ T5757] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.313584][ T5768] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.331827][ T5768] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.339413][ T5768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.352775][ T5768] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.360937][ T5768] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 77.368342][ T5768] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.416314][ T5772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.424486][ T5772] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.432819][ T5772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.441101][ T5772] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.449482][ T5772] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 77.457235][ T5772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 77.484025][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.492552][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.500242][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.508534][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.516552][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 77.528474][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.572059][ T5772] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.583200][ T5772] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.591305][ T5772] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.602901][ T5772] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.620130][ T5772] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 77.627977][ T5772] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.938233][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 78.046332][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 78.095129][ T5766] chnl_net:caif_netlink_parms(): no params data found [ 78.113957][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.121751][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.128991][ T5769] bridge_slave_0: entered allmulticast mode [ 78.136173][ T5769] bridge_slave_0: entered promiscuous mode [ 78.151736][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.158855][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.166406][ T5769] bridge_slave_1: entered allmulticast mode [ 78.173834][ T5769] bridge_slave_1: entered promiscuous mode [ 78.260147][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.272517][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.354512][ T5769] team0: Port device team_slave_0 added [ 78.395702][ T5769] team0: Port device team_slave_1 added [ 78.425422][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.432768][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.439925][ T5770] bridge_slave_0: entered allmulticast mode [ 78.447727][ T5770] bridge_slave_0: entered promiscuous mode [ 78.456241][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.463454][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.470681][ T5770] bridge_slave_1: entered allmulticast mode [ 78.477933][ T5770] bridge_slave_1: entered promiscuous mode [ 78.496183][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.503996][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.511180][ T5766] bridge_slave_0: entered allmulticast mode [ 78.518686][ T5766] bridge_slave_0: entered promiscuous mode [ 78.556488][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.563705][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.590069][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.604038][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.611173][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.618932][ T5766] bridge_slave_1: entered allmulticast mode [ 78.626456][ T5766] bridge_slave_1: entered promiscuous mode [ 78.635294][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.648972][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.669203][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.676389][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.702869][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.757876][ T5770] team0: Port device team_slave_0 added [ 78.764437][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 78.777998][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.791753][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.802667][ T5770] team0: Port device team_slave_1 added [ 78.906393][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.913475][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.940865][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.956458][ T5769] hsr_slave_0: entered promiscuous mode [ 78.963379][ T5769] hsr_slave_1: entered promiscuous mode [ 78.973124][ T5766] team0: Port device team_slave_0 added [ 78.985374][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.992439][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.018640][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.037112][ T5766] team0: Port device team_slave_1 added [ 79.126275][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.133352][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.159889][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.184895][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.192192][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.199334][ T5774] bridge_slave_0: entered allmulticast mode [ 79.207361][ T5774] bridge_slave_0: entered promiscuous mode [ 79.219449][ T5770] hsr_slave_0: entered promiscuous mode [ 79.226268][ T5770] hsr_slave_1: entered promiscuous mode [ 79.232566][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.240357][ T5770] Cannot create hsr debugfs directory [ 79.253189][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.260168][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.286408][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.298216][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.305522][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.312786][ T5774] bridge_slave_1: entered allmulticast mode [ 79.320045][ T5774] bridge_slave_1: entered promiscuous mode [ 79.406751][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.419127][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.425355][ T51] Bluetooth: hci0: command tx timeout [ 79.501496][ T51] Bluetooth: hci1: command tx timeout [ 79.544063][ T5774] team0: Port device team_slave_0 added [ 79.555717][ T5766] hsr_slave_0: entered promiscuous mode [ 79.562435][ T5766] hsr_slave_1: entered promiscuous mode [ 79.568748][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.577139][ T5766] Cannot create hsr debugfs directory [ 79.582836][ T51] Bluetooth: hci2: command tx timeout [ 79.603926][ T5774] team0: Port device team_slave_1 added [ 79.661763][ T51] Bluetooth: hci3: command tx timeout [ 79.679426][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.687309][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.713288][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.752979][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.759947][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.786348][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.890110][ T5774] hsr_slave_0: entered promiscuous mode [ 79.897004][ T5774] hsr_slave_1: entered promiscuous mode [ 79.903899][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.912070][ T5774] Cannot create hsr debugfs directory [ 79.944305][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.956591][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.989600][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.001122][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.119490][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.154246][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.165705][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.175534][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.288229][ T5766] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.300785][ T5766] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.320397][ T5766] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.331224][ T5766] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.408954][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.419749][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.443827][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.454632][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.539804][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.593744][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.609001][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.630101][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.637456][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.662180][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.669278][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.688223][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.704541][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.738873][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.746026][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.759710][ T3499] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.766875][ T3499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.800011][ T5766] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.822517][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.829658][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.860268][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.867399][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.884507][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.924807][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.939778][ T5769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.967331][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.974626][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.997738][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.004921][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.174211][ T5774] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.483445][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.503984][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.511200][ T51] Bluetooth: hci0: command tx timeout [ 81.544888][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.583112][ T51] Bluetooth: hci1: command tx timeout [ 81.590896][ T5769] veth0_vlan: entered promiscuous mode [ 81.610449][ T5769] veth1_vlan: entered promiscuous mode [ 81.664014][ T51] Bluetooth: hci2: command tx timeout [ 81.700178][ T5770] veth0_vlan: entered promiscuous mode [ 81.707486][ T5769] veth0_macvtap: entered promiscuous mode [ 81.729816][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.741688][ T51] Bluetooth: hci3: command tx timeout [ 81.774092][ T5770] veth1_vlan: entered promiscuous mode [ 81.799118][ T5769] veth1_macvtap: entered promiscuous mode [ 81.826809][ T5766] veth0_vlan: entered promiscuous mode [ 81.850049][ T5770] veth0_macvtap: entered promiscuous mode [ 81.867892][ T5766] veth1_vlan: entered promiscuous mode [ 81.916013][ T5770] veth1_macvtap: entered promiscuous mode [ 81.934371][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.987578][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.997387][ T5774] veth0_vlan: entered promiscuous mode [ 82.026035][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.036555][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.045497][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.054284][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.079028][ T5774] veth1_vlan: entered promiscuous mode [ 82.097687][ T5766] veth0_macvtap: entered promiscuous mode [ 82.108049][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.120015][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.132900][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.156882][ T5766] veth1_macvtap: entered promiscuous mode [ 82.215601][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.228082][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.241466][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.314273][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.334565][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.343787][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.357591][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.386697][ T5774] veth0_macvtap: entered promiscuous mode [ 82.403943][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.414784][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.429230][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.440653][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.453723][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.494218][ T5774] veth1_macvtap: entered promiscuous mode [ 82.513437][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.539719][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.543402][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.556521][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.567506][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.579021][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.592356][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.670396][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.688595][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.698872][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.710872][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.725039][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.735551][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.753692][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.786391][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.803167][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.815491][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.826604][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.837472][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.848182][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.859899][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.876242][ T5766] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.885607][ T5766] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.894560][ T5766] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.904668][ T5766] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.928485][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.939944][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.950384][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.959255][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.989081][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.997095][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.009219][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.024180][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.112079][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.127445][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.251579][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.259538][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.334713][ T2909] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.355864][ T2909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.357653][ C1] hrtimer: interrupt took 83542 ns [ 83.404950][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.453553][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.509957][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.526917][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.582270][ T51] Bluetooth: hci0: command tx timeout [ 83.662434][ T51] Bluetooth: hci1: command tx timeout [ 83.742822][ T51] Bluetooth: hci2: command tx timeout [ 83.821497][ T51] Bluetooth: hci3: command tx timeout [ 85.662185][ T51] Bluetooth: hci0: command tx timeout [ 85.741700][ T51] Bluetooth: hci1: command tx timeout [ 85.821649][ T51] Bluetooth: hci2: command tx timeout [ 85.902471][ T51] Bluetooth: hci3: command tx timeout [ 91.995990][ T2131] cfg80211: failed to load regulatory.db [ 132.945057][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.951767][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.386772][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.393430][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.585621][ T5883] Bluetooth: hci2: command 0x0406 tx timeout [ 201.598883][ T5883] Bluetooth: hci3: command 0x0406 tx timeout [ 201.606388][ T5883] Bluetooth: hci0: command 0x0406 tx timeout [ 201.618891][ T5883] Bluetooth: hci1: command 0x0406 tx timeout [ 237.903905][ T29] INFO: task syz-executor:5757 blocked for more than 143 seconds. [ 237.911996][ T29] Not tainted syzkaller #0 [ 237.916956][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 237.925706][ T29] task:syz-executor state:D stack:22920 pid:5757 ppid:5756 flags:0x00004006 [ 237.935020][ T29] Call Trace: [ 237.938333][ T29] [ 237.941345][ T29] __schedule+0x14d2/0x44d0 [ 237.945929][ T29] ? asan.module_dtor+0x20/0x20 [ 237.950825][ T29] ? mark_lock+0x94/0x320 [ 237.955345][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 237.962901][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 237.968341][ T29] schedule+0xbd/0x170 [ 237.972484][ T29] schedule_preempt_disabled+0x13/0x20 [ 237.977993][ T29] rwsem_down_write_slowpath+0xbd2/0xfa0 [ 237.983788][ T29] ? rwsem_down_write_slowpath+0x7b7/0xfa0 [ 237.989658][ T29] ? rwsem_down_read_slowpath+0x840/0x840 [ 237.995550][ T29] ? read_lock_is_recursive+0x20/0x20 [ 238.000994][ T29] down_write+0x1a7/0x1f0 [ 238.005449][ T29] ? down_read_killable+0x340/0x340 [ 238.010735][ T29] exit_mmap+0x245/0xb50 [ 238.015059][ T29] ? vm_brk+0x30/0x30 [ 238.019074][ T29] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 238.024876][ T29] ? uprobe_clear_state+0x278/0x290 [ 238.030141][ T29] ? mm_update_next_owner+0x562/0x6c0 [ 238.040499][ T29] __mmput+0x118/0x3c0 [ 238.044681][ T29] exit_mm+0x1da/0x2c0 [ 238.048831][ T29] ? do_exit+0x23c0/0x23c0 [ 238.057751][ T29] ? taskstats_exit+0x35e/0x9e0 [ 238.062753][ T29] do_exit+0x88e/0x23c0 [ 238.068154][ T29] ? put_task_struct+0xc0/0xc0 [ 238.074339][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.080370][ T29] ? get_signal+0x1068/0x1400 [ 238.085192][ T29] ? lock_chain_count+0x20/0x20 [ 238.090097][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 238.095194][ T29] do_group_exit+0x21b/0x2d0 [ 238.099834][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 238.105148][ T29] get_signal+0x12fc/0x1400 [ 238.109732][ T29] arch_do_signal_or_restart+0x9c/0x7b0 [ 238.115420][ T29] ? get_sigframe_size+0x20/0x20 [ 238.124595][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.130663][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 238.136211][ T29] exit_to_user_mode_loop+0x70/0x110 [ 238.142793][ T29] exit_to_user_mode_prepare+0xf6/0x180 [ 238.148395][ T29] irqentry_exit_to_user_mode+0x9/0x40 [ 238.153946][ T29] exc_page_fault+0x8f/0x110 [ 238.158584][ T29] asm_exc_page_fault+0x26/0x30 [ 238.163614][ T29] RIP: 0033:0x7fe3f21574c7 [ 238.169991][ T29] RSP: 002b:00007ffdb31a0c08 EFLAGS: 00010203 [ 238.176178][ T29] RAX: 00007fe3ef800000 RBX: 000055556886aae0 RCX: 00007fe3ef800000 [ 238.189862][ T29] RDX: 00007fe3ef80018a RSI: 00005555688672b0 RDI: 00007fe3ef800020 [ 238.199180][ T29] RBP: 000055556886aed0 R08: 0000000000000000 R09: 000055556886b720 [ 238.211974][ T29] R10: 919b50eb050df19f R11: 0000000000000202 R12: 0000000000000001 [ 238.219998][ T29] R13: 0000000000000020 R14: 00007ffdb31a0c20 R15: 0000000000000000 [ 238.243882][ T29] [ 238.247401][ T29] INFO: task syz.3.4:5856 blocked for more than 143 seconds. [ 238.256042][ T29] Not tainted syzkaller #0 [ 238.261048][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.271944][ T29] task:syz.3.4 state:D stack:24080 pid:5856 ppid:5769 flags:0x00004000 [ 238.281191][ T29] Call Trace: [ 238.284598][ T29] [ 238.287564][ T29] __schedule+0x14d2/0x44d0 [ 238.292247][ T29] ? asan.module_dtor+0x20/0x20 [ 238.297142][ T29] ? mark_lock+0x94/0x320 [ 238.304422][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.310502][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 238.317025][ T29] schedule+0xbd/0x170 [ 238.321142][ T29] schedule_preempt_disabled+0x13/0x20 [ 238.329500][ T29] rwsem_down_write_slowpath+0xbd2/0xfa0 [ 238.337283][ T29] ? rwsem_down_write_slowpath+0x7b7/0xfa0 [ 238.343284][ T29] ? rwsem_down_read_slowpath+0x840/0x840 [ 238.349052][ T29] ? read_lock_is_recursive+0x20/0x20 [ 238.354596][ T29] down_write+0x1a7/0x1f0 [ 238.358996][ T29] ? down_read_killable+0x340/0x340 [ 238.367182][ T29] exit_mmap+0x245/0xb50 [ 238.374098][ T29] ? vm_brk+0x30/0x30 [ 238.378222][ T29] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 238.384042][ T29] ? uprobe_clear_state+0x278/0x290 [ 238.389274][ T29] ? mm_update_next_owner+0x562/0x6c0 [ 238.394725][ T29] __mmput+0x118/0x3c0 [ 238.398845][ T29] exit_mm+0x1da/0x2c0 [ 238.402985][ T29] ? do_exit+0x23c0/0x23c0 [ 238.407441][ T29] ? taskstats_exit+0x35e/0x9e0 [ 238.412442][ T29] do_exit+0x88e/0x23c0 [ 238.416646][ T29] ? put_task_struct+0xc0/0xc0 [ 238.421478][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.427675][ T29] ? get_signal+0x1068/0x1400 [ 238.432661][ T29] ? lock_chain_count+0x20/0x20 [ 238.437551][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 238.443438][ T29] do_group_exit+0x21b/0x2d0 [ 238.448072][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 238.453673][ T29] get_signal+0x12fc/0x1400 [ 238.458320][ T29] arch_do_signal_or_restart+0x9c/0x7b0 [ 238.464073][ T29] ? __ia32_sys_get_robust_list+0x110/0x110 [ 238.470036][ T29] ? get_sigframe_size+0x20/0x20 [ 238.475474][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 238.480988][ T29] exit_to_user_mode_loop+0x70/0x110 [ 238.489064][ T29] exit_to_user_mode_prepare+0xf6/0x180 [ 238.495777][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 238.504172][ T29] do_syscall_64+0x61/0xb0 [ 238.508645][ T29] ? clear_bhb_loop+0x40/0x90 [ 238.513836][ T29] ? clear_bhb_loop+0x40/0x90 [ 238.518582][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 238.524579][ T29] RIP: 0033:0x7f7f2bf8f749 [ 238.529026][ T29] RSP: 002b:00007f7f2ce720e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 238.537575][ T29] RAX: fffffffffffffe00 RBX: 00007f7f2c1e5fa8 RCX: 00007f7f2bf8f749 [ 238.545851][ T29] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f2c1e5fa8 [ 238.553940][ T29] RBP: 00007f7f2c1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 238.561986][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.569992][ T29] R13: 00007f7f2c1e6038 R14: 00007fff57fc68d0 R15: 00007fff57fc69b8 [ 238.579038][ T29] [ 238.582191][ T29] INFO: task syz.2.3:5859 blocked for more than 144 seconds. [ 238.589584][ T29] Not tainted syzkaller #0 [ 238.594597][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 238.603331][ T29] task:syz.2.3 state:D stack:21800 pid:5859 ppid:5770 flags:0x00004000 [ 238.612731][ T29] Call Trace: [ 238.616026][ T29] [ 238.618961][ T29] __schedule+0x14d2/0x44d0 [ 238.623564][ T29] ? asan.module_dtor+0x20/0x20 [ 238.628459][ T29] ? mark_lock+0x94/0x320 [ 238.632867][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.638894][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 238.644354][ T29] schedule+0xbd/0x170 [ 238.648483][ T29] schedule_preempt_disabled+0x13/0x20 [ 238.654027][ T29] rwsem_down_write_slowpath+0xbd2/0xfa0 [ 238.659687][ T29] ? rwsem_down_write_slowpath+0x7b7/0xfa0 [ 238.665582][ T29] ? rwsem_down_read_slowpath+0x840/0x840 [ 238.671440][ T29] ? read_lock_is_recursive+0x20/0x20 [ 238.676865][ T29] down_write+0x1a7/0x1f0 [ 238.682530][ T29] ? down_read_killable+0x340/0x340 [ 238.687773][ T29] exit_mmap+0x245/0xb50 [ 238.692094][ T29] ? exit_mm_release+0x1a/0x30 [ 238.696898][ T29] ? vm_brk+0x30/0x30 [ 238.700916][ T29] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 238.706772][ T29] ? uprobe_clear_state+0x278/0x290 [ 238.712261][ T29] ? mm_update_next_owner+0x562/0x6c0 [ 238.717662][ T29] __mmput+0x118/0x3c0 [ 238.721854][ T29] exit_mm+0x1da/0x2c0 [ 238.725972][ T29] ? do_exit+0x23c0/0x23c0 [ 238.730417][ T29] ? taskstats_exit+0x35e/0x9e0 [ 238.735372][ T29] do_exit+0x88e/0x23c0 [ 238.739572][ T29] ? put_task_struct+0xc0/0xc0 [ 238.744403][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 238.750410][ T29] ? get_signal+0x1068/0x1400 [ 238.755224][ T29] ? lock_chain_count+0x20/0x20 [ 238.760118][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 238.765262][ T29] do_group_exit+0x21b/0x2d0 [ 238.769903][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 238.775251][ T29] get_signal+0x12fc/0x1400 [ 238.780224][ T29] arch_do_signal_or_restart+0x9c/0x7b0 [ 238.786062][ T29] ? __ia32_sys_get_robust_list+0x110/0x110 [ 238.792285][ T29] ? get_sigframe_size+0x20/0x20 [ 238.797297][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 238.802888][ T29] exit_to_user_mode_loop+0x70/0x110 [ 238.808223][ T29] exit_to_user_mode_prepare+0xf6/0x180 [ 238.813862][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 238.819355][ T29] do_syscall_64+0x61/0xb0 [ 238.823836][ T29] ? clear_bhb_loop+0x40/0x90 [ 238.828535][ T29] ? clear_bhb_loop+0x40/0x90 [ 238.833303][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 238.839234][ T29] RIP: 0033:0x7f83a8f8f749 [ 238.843737][ T29] RSP: 002b:00007f83a9e410e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 238.852276][ T29] RAX: fffffffffffffe00 RBX: 00007f83a91e5fa8 RCX: 00007f83a8f8f749 [ 238.860282][ T29] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f83a91e5fa8 [ 238.868415][ T29] RBP: 00007f83a91e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 238.876475][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.884953][ T29] R13: 00007f83a91e6038 R14: 00007ffd1924f0d0 R15: 00007ffd1924f1b8 [ 238.893031][ T29] [ 238.896089][ T29] [ 238.896089][ T29] Showing all locks held in the system: [ 238.904020][ T29] 1 lock held by khungtaskd/29: [ 238.908888][ T29] #0: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 238.918836][ T29] 2 locks held by kworker/u4:2/39: [ 238.924045][ T29] 5 locks held by kworker/u4:8/2909: [ 238.929352][ T29] 2 locks held by getty/5531: [ 238.934112][ T29] #0: ffff88802d4740a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 238.944131][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 238.954335][ T29] 1 lock held by syz-executor/5757: [ 238.959554][ T29] #0: ffff88807e64b120 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x245/0xb50 [ 238.968712][ T29] 1 lock held by syz.3.4/5856: [ 238.973573][ T29] #0: ffff88801e293aa0 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x245/0xb50 [ 238.982734][ T29] 1 lock held by syz.2.3/5859: [ 238.987876][ T29] #0: ffff888030bdcda0 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x245/0xb50 [ 238.997146][ T29] [ 238.999506][ T29] ============================================= [ 238.999506][ T29] [ 239.007969][ T29] NMI backtrace for cpu 1 [ 239.012326][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 239.019548][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 239.029622][ T29] Call Trace: [ 239.032904][ T29] [ 239.035854][ T29] dump_stack_lvl+0x16c/0x230 [ 239.040537][ T29] ? preempt_count_add+0x91/0x1a0 [ 239.045573][ T29] ? show_regs_print_info+0x20/0x20 [ 239.050776][ T29] ? load_image+0x3b0/0x3b0 [ 239.055294][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 239.060240][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 239.066405][ T29] ? _printk+0xd0/0x110 [ 239.070613][ T29] ? load_image+0x3b0/0x3b0 [ 239.075152][ T29] ? load_image+0x3b0/0x3b0 [ 239.079679][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 239.085777][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 239.091805][ T29] watchdog+0xf41/0xf80 [ 239.095986][ T29] ? watchdog+0x1e1/0xf80 [ 239.100338][ T29] kthread+0x2fa/0x390 [ 239.104432][ T29] ? hungtask_pm_notify+0x90/0x90 [ 239.109499][ T29] ? kthread_blkcg+0xd0/0xd0 [ 239.114108][ T29] ret_from_fork+0x48/0x80 [ 239.118535][ T29] ? kthread_blkcg+0xd0/0xd0 [ 239.123133][ T29] ret_from_fork_asm+0x11/0x20 [ 239.127921][ T29] [ 239.131572][ T29] Sending NMI from CPU 1 to CPUs 0: [ 239.136822][ C0] NMI backtrace for cpu 0 [ 239.136830][ C0] CPU: 0 PID: 2909 Comm: kworker/u4:8 Not tainted syzkaller #0 [ 239.136845][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 239.136854][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 239.136874][ C0] RIP: 0010:__lock_acquire+0x441/0x7c80 [ 239.136893][ C0] Code: 00 fc ff df 4c 89 64 24 68 48 8b 84 24 88 00 00 00 49 89 46 10 49 83 c6 18 4c 89 f0 48 c1 e8 03 48 89 44 24 58 42 80 3c 00 00 <74> 12 4c 89 f7 e8 b5 fc 75 00 49 b8 00 00 00 00 00 fc ff df 4c 89 [ 239.136905][ C0] RSP: 0018:ffffc9000be275c0 EFLAGS: 00000046 [ 239.136917][ C0] RAX: 1ffff1100574d173 RBX: 0000000000000000 RCX: 1ffff1100574d174 [ 239.136927][ C0] RDX: ffff88802ba68b78 RSI: 0000000000000004 RDI: ffff88802ba68b88 [ 239.136937][ C0] RBP: ffffc9000be27808 R08: dffffc0000000000 R09: 0000000000000001 [ 239.136947][ C0] R10: dffffc0000000000 R11: fffffbfff1c94426 R12: ffff88802ba68b90 [ 239.136958][ C0] R13: 000000000000002c R14: ffff88802ba68b98 R15: 0000000000000000 [ 239.136967][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 239.136979][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 239.136989][ C0] CR2: 000055b6f8aa2a38 CR3: 000000000cb30000 CR4: 00000000003506f0 [ 239.137003][ C0] Call Trace: [ 239.137008][ C0] [ 239.137023][ C0] ? mark_lock+0x94/0x320 [ 239.137039][ C0] ? verify_lock_unused+0x140/0x140 [ 239.137056][ C0] ? __lock_acquire+0x1334/0x7c80 [ 239.137079][ C0] lock_acquire+0x197/0x410 [ 239.137094][ C0] ? ___slab_alloc+0x1ef/0x1300 [ 239.137119][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 239.137135][ C0] ? read_lock_is_recursive+0x20/0x20 [ 239.137151][ C0] ? lock_chain_count+0x20/0x20 [ 239.137170][ C0] ? ___slab_alloc+0x1ef/0x1300 [ 239.137191][ C0] ___slab_alloc+0x207/0x1300 [ 239.137211][ C0] ? ___slab_alloc+0x1ef/0x1300 [ 239.137234][ C0] ? __alloc_skb+0x108/0x2c0 [ 239.137252][ C0] kmem_cache_alloc_node+0x1ea/0x330 [ 239.137272][ C0] ? __alloc_skb+0x108/0x2c0 [ 239.137289][ C0] __alloc_skb+0x108/0x2c0 [ 239.137305][ C0] nsim_dev_trap_report_work+0x293/0xb00 [ 239.137324][ C0] ? read_lock_is_recursive+0x20/0x20 [ 239.137342][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 239.137360][ C0] ? process_scheduled_works+0x957/0x15b0 [ 239.137379][ C0] process_scheduled_works+0xa45/0x15b0 [ 239.137407][ C0] ? assign_work+0x400/0x400 [ 239.137432][ C0] ? assign_work+0x39e/0x400 [ 239.137451][ C0] worker_thread+0xa55/0xfc0 [ 239.137468][ C0] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 239.137486][ C0] ? _raw_spin_unlock+0x40/0x40 [ 239.137501][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 239.137526][ C0] kthread+0x2fa/0x390 [ 239.137538][ C0] ? pr_cont_work+0x560/0x560 [ 239.137555][ C0] ? kthread_blkcg+0xd0/0xd0 [ 239.137568][ C0] ret_from_fork+0x48/0x80 [ 239.137585][ C0] ? kthread_blkcg+0xd0/0xd0 [ 239.137598][ C0] ret_from_fork_asm+0x11/0x20 [ 239.137634][ C0] [ 239.139006][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 239.436581][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 239.443793][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 239.453851][ T29] Call Trace: [ 239.457156][ T29] [ 239.460104][ T29] dump_stack_lvl+0x16c/0x230 [ 239.464798][ T29] ? show_regs_print_info+0x20/0x20 [ 239.470006][ T29] ? load_image+0x3b0/0x3b0 [ 239.474544][ T29] panic+0x2c0/0x710 [ 239.478475][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 239.484129][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 239.488644][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 239.494195][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 239.500375][ T29] watchdog+0xf80/0xf80 [ 239.504546][ T29] ? watchdog+0x1e1/0xf80 [ 239.508877][ T29] kthread+0x2fa/0x390 [ 239.512950][ T29] ? hungtask_pm_notify+0x90/0x90 [ 239.518006][ T29] ? kthread_blkcg+0xd0/0xd0 [ 239.522610][ T29] ret_from_fork+0x48/0x80 [ 239.527026][ T29] ? kthread_blkcg+0xd0/0xd0 [ 239.531649][ T29] ret_from_fork_asm+0x11/0x20 [ 239.536462][ T29] [ 239.540082][ T29] Kernel Offset: disabled [ 239.544424][ T29] Rebooting in 86400 seconds..