[ 19.683119][ T3696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 19.689162][ T3696] eql: remember to turn off Van-Jacobson compression on your slave devices [ 19.730113][ T335] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 19.735614][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller syzkaller login: [ 74.778505][ T1962] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts. 1970/01/01 00:05:47 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:05:48 parsed 1 programs [ 350.895512][ T4055] cgroup: Unknown subsys name 'net' [ 351.153793][ T4055] cgroup: Unknown subsys name 'rlimit' [ 351.540096][ T4055] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS [ 361.283088][ T4089] chnl_net:caif_netlink_parms(): no params data found [ 361.324423][ T4089] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.326485][ T4089] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.330372][ T4089] device bridge_slave_0 entered promiscuous mode [ 361.338337][ T4089] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.340393][ T4089] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.343087][ T4089] device bridge_slave_1 entered promiscuous mode [ 361.359426][ T4089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 361.363724][ T4089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 361.380415][ T4089] team0: Port device team_slave_0 added [ 361.383816][ T4089] team0: Port device team_slave_1 added [ 361.401230][ T4089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 361.403078][ T4089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.410261][ T4089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 361.414932][ T4089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 361.416730][ T4089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.424317][ T4089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 361.489519][ T4089] device hsr_slave_0 entered promiscuous mode [ 361.527363][ T4089] device hsr_slave_1 entered promiscuous mode [ 361.714384][ T4089] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 361.751152][ T4089] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 361.800531][ T4089] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 361.850661][ T4089] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 361.907483][ T4089] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.909566][ T4089] bridge0: port 2(bridge_slave_1) entered forwarding state [ 361.912014][ T4089] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.913924][ T4089] bridge0: port 1(bridge_slave_0) entered forwarding state [ 361.963279][ T4089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 361.972308][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 361.979205][ T4090] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.982713][ T4090] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.992298][ T4089] 8021q: adding VLAN 0 to HW filter on device team0 [ 362.004205][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 362.007836][ T4032] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.009900][ T4032] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.016594][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 362.022818][ T4090] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.024794][ T4090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 362.042286][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 362.045606][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 362.052827][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 362.064515][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 362.071580][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 362.076496][ T4089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 362.157898][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 362.160053][ T4090] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 362.168361][ T4089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.183579][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 362.203233][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 362.206642][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 362.211131][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 362.215935][ T4089] device veth0_vlan entered promiscuous mode [ 362.225362][ T4089] device veth1_vlan entered promiscuous mode [ 362.228554][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 362.252198][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 362.254925][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 362.260376][ T4089] device veth0_macvtap entered promiscuous mode [ 362.264841][ T4089] device veth1_macvtap entered promiscuous mode [ 362.280011][ T4089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 362.282278][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 362.284856][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 362.289621][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 362.292808][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 362.299916][ T4089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 362.304317][ T4089] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.306798][ T4089] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.310601][ T4089] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.313052][ T4089] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 362.321392][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 362.324308][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 363.021250][ T335] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.649749][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 363.652013][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 363.654999][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 363.678541][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 363.681011][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 363.683939][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:06:04 executed programs: 0 [ 364.247462][ T4141] chnl_net:caif_netlink_parms(): no params data found [ 364.282156][ T4141] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.284043][ T4141] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.286662][ T4141] device bridge_slave_0 entered promiscuous mode [ 364.292692][ T4141] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.294837][ T4141] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.297816][ T4141] device bridge_slave_1 entered promiscuous mode [ 364.316760][ T4141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.321892][ T4141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.337586][ T4141] team0: Port device team_slave_0 added [ 364.341600][ T4141] team0: Port device team_slave_1 added [ 364.358690][ T4141] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.360615][ T4141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.368028][ T4141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.372368][ T4141] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.374131][ T4141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.381705][ T4141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 364.439149][ T4141] device hsr_slave_0 entered promiscuous mode [ 364.477362][ T4141] device hsr_slave_1 entered promiscuous mode [ 364.517076][ T4141] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 364.519361][ T4141] Cannot create hsr debugfs directory [ 365.475660][ T335] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.217983][ T4082] Bluetooth: hci0: command 0x0409 tx timeout [ 368.014117][ T335] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.075991][ T335] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.297151][ T4060] Bluetooth: hci0: command 0x041b tx timeout [ 369.142142][ T4141] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 369.190681][ T4141] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 369.228981][ T4141] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 369.279271][ T4141] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 369.400114][ T4141] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.407582][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 369.410030][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 369.415075][ T4141] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.422479][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 369.425200][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 369.428192][ T4097] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.430140][ T4097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.433014][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 369.439100][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 369.441848][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 369.444320][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.446142][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 369.451211][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 369.456612][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 369.464956][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 369.469470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 369.472279][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 369.476321][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 369.479976][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 369.485185][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 369.488170][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 369.493970][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 369.496622][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 369.502466][ T4141] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 369.606585][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 369.609588][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 369.616616][ T4141] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 369.639954][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 369.642824][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 369.655624][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 369.660450][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 369.666166][ T4141] device veth0_vlan entered promiscuous mode [ 369.669481][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 369.672192][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 369.680408][ T4141] device veth1_vlan entered promiscuous mode [ 369.695363][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 369.701692][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 369.704297][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 369.707980][ T4032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 369.731601][ T4141] device veth0_macvtap entered promiscuous mode [ 369.736083][ T4141] device veth1_macvtap entered promiscuous mode [ 369.750127][ T4141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.753156][ T4141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.757292][ T4141] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 369.760007][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 369.762721][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 369.765325][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 369.770219][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 369.774737][ T4141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 369.777639][ T4141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.781266][ T4141] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 369.784520][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 369.787931][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 369.792767][ T4141] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.795085][ T4141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.798021][ T4141] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.800448][ T4141] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.850352][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 369.852593][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.855518][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 369.878187][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 369.881215][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 369.884682][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 1970/01/01 00:06:09 executed programs: 2 [ 370.387433][ T4060] Bluetooth: hci0: command 0x040f tx timeout [ 371.353757][ T335] device hsr_slave_0 left promiscuous mode [ 371.388319][ T335] device hsr_slave_1 left promiscuous mode [ 371.469499][ T335] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 371.471533][ T335] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 371.475864][ T335] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 371.479244][ T335] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 371.481747][ T335] device bridge_slave_1 left promiscuous mode [ 371.484711][ T335] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.541463][ T335] device bridge_slave_0 left promiscuous mode [ 371.543331][ T335] bridge0: port 1(bridge_slave_0) entered disabled state [ 371.668975][ T335] device veth1_macvtap left promiscuous mode [ 371.670979][ T335] device veth0_macvtap left promiscuous mode [ 371.672649][ T335] device veth1_vlan left promiscuous mode [ 371.674367][ T335] device veth0_vlan left promiscuous mode [ 371.953161][ T335] team0 (unregistering): Port device team_slave_1 removed [ 371.965354][ T335] team0 (unregistering): Port device team_slave_0 removed [ 371.980343][ T335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 372.005375][ T335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 372.164359][ T335] bond0 (unregistering): Released all slaves [ 372.457014][ T4082] Bluetooth: hci0: command 0x0419 tx timeout 1970/01/01 00:06:14 executed programs: 236 [ 376.860845][ T2058] ieee802154 phy0 wpan0: encryption failed: -22 [ 376.862726][ T2058] ieee802154 phy1 wpan1: encryption failed: -22 1970/01/01 00:06:19 executed programs: 481 [ 404.176841][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz.0.519:5710] [ 404.179513][ C0] Modules linked in: [ 404.180580][ C0] irq event stamp: 5323 [ 404.181641][ C0] hardirqs last enabled at (5322): [] exit_to_kernel_mode+0x100/0x178 [ 404.184266][ C0] hardirqs last disabled at (5323): [] enter_el1_irq_or_nmi+0x10/0x1c [ 404.186892][ C0] softirqs last enabled at (560): [] release_sock+0x1e4/0x270 [ 404.189353][ C0] softirqs last disabled at (566): [] lock_sock_nested+0x108/0x1ec [ 404.191923][ C0] CPU: 0 PID: 5710 Comm: syz.0.519 Not tainted 5.15.177-syzkaller #0 [ 404.194154][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 404.196803][ C0] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 404.198831][ C0] pc : queued_spin_lock_slowpath+0x160/0x938 [ 404.200398][ C0] lr : queued_spin_lock_slowpath+0x16c/0x938 [ 404.201923][ C0] sp : ffff800020c775e0 [ 404.202996][ C0] x29: ffff800020c77680 x28: 1ffff0000418eec8 x27: 1fffe00019fec8d2 [ 404.205086][ C0] x26: dfff800000000000 x25: ffff70000418eec0 x24: ffff800020c77600 [ 404.207130][ C0] x23: 1fffe00019fec8d1 x22: ffff800020c77640 x21: 0000000000000001 [ 404.209263][ C0] x20: 0000000000000001 x19: ffff0000cff64688 x18: 0000000000000000 [ 404.211369][ C0] x17: 0000000000000000 x16: ffff800008305360 x15: 000000000000000a [ 404.213517][ C0] x14: 1ffff0000296e06c x13: dfff800000000000 x12: 0000000000000001 [ 404.215582][ C0] x11: 1fffe00019fec8d1 x10: 0000000000000000 x9 : 0000000000000000 [ 404.217723][ C0] x8 : 0000000000000101 x7 : ffff80000ff135f0 x6 : 0000000000000000 [ 404.219882][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800008304588 [ 404.221921][ C0] x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001 [ 404.223977][ C0] Call trace: [ 404.224800][ C0] queued_spin_lock_slowpath+0x160/0x938 [ 404.226307][ C0] do_raw_spin_lock+0x334/0x35c [ 404.227579][ C0] _raw_spin_lock_bh+0x12c/0x1c4 [ 404.228859][ C0] lock_sock_nested+0x108/0x1ec [ 404.230148][ C0] tipc_sendstream+0x50/0x84 [ 404.231393][ C0] ____sys_sendmsg+0x584/0x870 [ 404.232650][ C0] ___sys_sendmsg+0x214/0x294 [ 404.233926][ C0] __arm64_sys_sendmsg+0x1ac/0x25c [ 404.235315][ C0] invoke_syscall+0x98/0x2b8 [ 404.236491][ C0] el0_svc_common+0x138/0x258 [ 404.237683][ C0] do_el0_svc+0x58/0x14c [ 404.238842][ C0] el0_svc+0x7c/0x1f0 [ 404.239853][ C0] el0t_64_sync_handler+0x84/0xe4 [ 404.241179][ C0] el0t_64_sync+0x1a0/0x1a4 [ 404.242347][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 404.244123][ C0] CPU: 0 PID: 5710 Comm: syz.0.519 Tainted: G L 5.15.177-syzkaller #0 [ 404.246626][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 404.249260][ C0] Call trace: [ 404.250126][ C0] dump_backtrace+0x0/0x530 [ 404.251368][ C0] show_stack+0x2c/0x3c [ 404.252484][ C0] dump_stack_lvl+0x108/0x170 [ 404.253719][ C0] dump_stack+0x1c/0x58 [ 404.254870][ C0] panic+0x304/0x8bc [ 404.255910][ C0] softlockup_fn+0x0/0x120 [ 404.257084][ C0] __hrtimer_run_queues+0x458/0xca4 [ 404.258395][ C0] hrtimer_interrupt+0x2c0/0xb64 [ 404.259653][ C0] arch_timer_handler_virt+0x74/0x88 [ 404.261088][ C0] handle_percpu_devid_irq+0x29c/0x7fc [ 404.262533][ C0] handle_domain_irq+0xec/0x178 [ 404.263792][ C0] gic_handle_irq+0x78/0x1c8 [ 404.265059][ C0] call_on_irq_stack+0x24/0x4c [ 404.266294][ C0] do_interrupt_handler+0x74/0x94 [ 404.267572][ C0] el1_interrupt+0x30/0x58 [ 404.268726][ C0] el1h_64_irq_handler+0x18/0x24 [ 404.270024][ C0] el1h_64_irq+0x78/0x7c [ 404.271141][ C0] queued_spin_lock_slowpath+0x160/0x938 [ 404.272576][ C0] do_raw_spin_lock+0x334/0x35c [ 404.273842][ C0] _raw_spin_lock_bh+0x12c/0x1c4 [ 404.275153][ C0] lock_sock_nested+0x108/0x1ec [ 404.276420][ C0] tipc_sendstream+0x50/0x84 [ 404.277613][ C0] ____sys_sendmsg+0x584/0x870 [ 404.278849][ C0] ___sys_sendmsg+0x214/0x294 [ 404.280117][ C0] __arm64_sys_sendmsg+0x1ac/0x25c [ 404.281433][ C0] invoke_syscall+0x98/0x2b8 [ 404.282621][ C0] el0_svc_common+0x138/0x258 [ 404.283856][ C0] do_el0_svc+0x58/0x14c [ 404.284956][ C0] el0_svc+0x7c/0x1f0 [ 404.285991][ C0] el0t_64_sync_handler+0x84/0xe4 [ 404.287281][ C0] el0t_64_sync+0x1a0/0x1a4 [ 404.288520][ C0] SMP: stopping secondary CPUs [ 404.289808][ C0] Kernel Offset: disabled [ 404.291030][ C0] CPU features: 0x8,000081c1,21302e40 [ 404.292503][ C0] Memory Limit: none [ 404.306662][ C0] [ 404.307327][ C0] ================================ [ 404.308628][ C0] WARNING: inconsistent lock state [ 404.309949][ C0] 5.15.177-syzkaller #0 Tainted: G L [ 404.311662][ C0] -------------------------------- [ 404.313033][ C0] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. [ 404.314828][ C0] syz.0.519/5710 [HC1[1]:SC0[2]:HE0:SE0] takes: [ 404.316482][ C0] ffff800014bae8f8 (efi_rt_lock){?...}-{2:2}, at: virt_efi_set_variable_nonblocking+0x74/0x16c [ 404.319317][ C0] {HARDIRQ-ON-W} state was registered at: [ 404.320828][ C0] lock_acquire+0x240/0x77c [ 404.322002][ C0] _raw_spin_lock+0xb0/0x10c [ 404.323198][ C0] efi_call_rts+0x80/0x9d8 [ 404.324396][ C0] process_one_work+0x790/0x11b8 [ 404.325766][ C0] worker_thread+0x910/0x1034 [ 404.326977][ C0] kthread+0x37c/0x45c [ 404.328046][ C0] ret_from_fork+0x10/0x20 [ 404.329200][ C0] irq event stamp: 5323 [ 404.330265][ C0] hardirqs last enabled at (5322): [] exit_to_kernel_mode+0x100/0x178 [ 404.332812][ C0] hardirqs last disabled at (5323): [] enter_el1_irq_or_nmi+0x10/0x1c [ 404.335363][ C0] softirqs last enabled at (560): [] release_sock+0x1e4/0x270 [ 404.337735][ C0] softirqs last disabled at (566): [] lock_sock_nested+0x108/0x1ec [ 404.340209][ C0] [ 404.340209][ C0] other info that might help us debug this: [ 404.342255][ C0] Possible unsafe locking scenario: [ 404.342255][ C0] [ 404.344142][ C0] CPU0 [ 404.344954][ C0] ---- [ 404.345800][ C0] lock(efi_rt_lock); [ 404.346857][ C0] [ 404.347715][ C0] lock(efi_rt_lock); [ 404.348822][ C0] [ 404.348822][ C0] *** DEADLOCK *** [ 404.348822][ C0] [ 404.350884][ C0] 4 locks held by syz.0.519/5710: [ 404.352203][ C0] #0: ffff0000cff64720 (sk_lock-AF_TIPC){+.+.}-{0:0}, at: tipc_sendstream+0x50/0x84 [ 404.354628][ C0] #1: ffff0000cff646a0 (slock-AF_TIPC){+...}-{2:2}, at: lock_sock_nested+0x108/0x1ec [ 404.357087][ C0] #2: ffff800014d42360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c [ 404.359480][ C0] #3: ffff8000168b5c08 (&psinfo->buf_lock){....}-{2:2}, at: pstore_dump+0x174/0x9dc [ 404.361942][ C0] [ 404.361942][ C0] stack backtrace: [ 404.363486][ C0] CPU: 0 PID: 5710 Comm: syz.0.519 Tainted: G L 5.15.177-syzkaller #0 [ 404.365917][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 404.368582][ C0] Call trace: [ 404.369409][ C0] dump_backtrace+0x0/0x530 [ 404.370541][ C0] show_stack+0x2c/0x3c [ 404.371572][ C0] dump_stack_lvl+0x108/0x170 [ 404.372778][ C0] dump_stack+0x1c/0x58 [ 404.373838][ C0] print_usage_bug+0x64c/0x9a8 [ 404.375057][ C0] mark_lock_irq+0x980/0xd2c [ 404.376214][ C0] mark_lock+0x258/0x360 [ 404.377303][ C0] __lock_acquire+0xb50/0x7638 [ 404.378591][ C0] lock_acquire+0x240/0x77c [ 404.379691][ C0] _raw_spin_lock+0xb0/0x10c [ 404.380831][ C0] virt_efi_set_variable_nonblocking+0x74/0x16c [ 404.382540][ C0] efivar_entry_set_safe+0x560/0x580 [ 404.383924][ C0] efi_pstore_write+0x280/0x400 [ 404.385181][ C0] pstore_dump+0x6b0/0x9dc [ 404.386366][ C0] kmsg_dump+0x17c/0x26c [ 404.387392][ C0] panic+0x358/0x8bc [ 404.388373][ C0] softlockup_fn+0x0/0x120 [ 404.389506][ C0] __hrtimer_run_queues+0x458/0xca4 [ 404.390873][ C0] hrtimer_interrupt+0x2c0/0xb64 [ 404.392132][ C0] arch_timer_handler_virt+0x74/0x88 [ 404.393521][ C0] handle_percpu_devid_irq+0x29c/0x7fc [ 404.394957][ C0] handle_domain_irq+0xec/0x178 [ 404.396236][ C0] gic_handle_irq+0x78/0x1c8 [ 404.397475][ C0] call_on_irq_stack+0x24/0x4c [ 404.398698][ C0] do_interrupt_handler+0x74/0x94 [ 404.399948][ C0] el1_interrupt+0x30/0x58 [ 404.401142][ C0] el1h_64_irq_handler+0x18/0x24 [ 404.402454][ C0] el1h_64_irq+0x78/0x7c [ 404.403553][ C0] queued_spin_lock_slowpath+0x160/0x938 [ 404.404996][ C0] do_raw_spin_lock+0x334/0x35c [ 404.406275][ C0] _raw_spin_lock_bh+0x12c/0x1c4 [ 404.407600][ C0] lock_sock_nested+0x108/0x1ec [ 404.408884][ C0] tipc_sendstream+0x50/0x84 [ 404.410153][ C0] ____sys_sendmsg+0x584/0x870 [ 404.411448][ C0] ___sys_sendmsg+0x214/0x294 [ 404.412637][ C0] __arm64_sys_sendmsg+0x1ac/0x25c [ 404.413960][ C0] invoke_syscall+0x98/0x2b8 [ 404.415128][ C0] el0_svc_common+0x138/0x258 [ 404.416312][ C0] do_el0_svc+0x58/0x14c [ 404.417395][ C0] el0_svc+0x7c/0x1f0 [ 404.418459][ C0] el0t_64_sync_handler+0x84/0xe4 [ 404.419864][ C0] el0t_64_sync+0x1a0/0x1a4 [ 404.743410][ C0] Rebooting in 86400 seconds..