Warning: Permanently added '10.128.0.150' (ED25519) to the list of known hosts. 2024/04/08 01:18:41 fuzzer started 2024/04/08 01:18:42 dialing manager at 10.128.0.169:30006 [ 62.991888][ T5065] cgroup: Unknown subsys name 'net' [ 63.131348][ T5065] cgroup: Unknown subsys name 'rlimit' 2024/04/08 01:18:43 syscalls: 138 2024/04/08 01:18:43 code coverage: enabled 2024/04/08 01:18:43 comparison tracing: enabled 2024/04/08 01:18:43 extra coverage: enabled 2024/04/08 01:18:43 delay kcov mmap: enabled 2024/04/08 01:18:43 setuid sandbox: enabled 2024/04/08 01:18:43 namespace sandbox: enabled 2024/04/08 01:18:43 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/08 01:18:43 fault injection: enabled 2024/04/08 01:18:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/08 01:18:43 net packet injection: enabled 2024/04/08 01:18:43 net device setup: enabled 2024/04/08 01:18:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/08 01:18:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/08 01:18:43 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/08 01:18:43 USB emulation: enabled 2024/04/08 01:18:43 hci packet injection: enabled 2024/04/08 01:18:43 wifi device emulation: enabled 2024/04/08 01:18:43 802.15.4 emulation: enabled 2024/04/08 01:18:43 swap file: enabled [ 64.548824][ T5065] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/08 01:18:44 starting 5 executor processes [ 65.419959][ T5088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.428585][ T5088] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.438521][ T5088] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 65.446536][ T5093] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.446987][ T5088] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 65.458819][ T5094] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.466147][ T5088] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.473610][ T5094] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.479181][ T5088] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 65.490031][ T5094] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.495894][ T5088] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.502146][ T5093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.517976][ T5094] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 65.519606][ T5096] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 65.529077][ T5094] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 65.536123][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.545597][ T5093] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.550956][ T5094] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 65.557767][ T5093] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.564182][ T5094] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 65.573695][ T5093] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 65.586269][ T5093] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 65.586500][ T5094] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.601334][ T5092] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.608665][ T5088] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.617477][ T5092] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.625892][ T5094] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 65.627188][ T5092] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.640528][ T5094] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 65.641227][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.198717][ T5079] chnl_net:caif_netlink_parms(): no params data found [ 66.231588][ T5087] chnl_net:caif_netlink_parms(): no params data found [ 66.281942][ T5078] chnl_net:caif_netlink_parms(): no params data found [ 66.322556][ T5085] chnl_net:caif_netlink_parms(): no params data found [ 66.350780][ T5081] chnl_net:caif_netlink_parms(): no params data found [ 66.469702][ T5079] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.477168][ T5079] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.485427][ T5079] bridge_slave_0: entered allmulticast mode [ 66.495451][ T5079] bridge_slave_0: entered promiscuous mode [ 66.568844][ T5079] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.576495][ T5079] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.583944][ T5079] bridge_slave_1: entered allmulticast mode [ 66.590749][ T5079] bridge_slave_1: entered promiscuous mode [ 66.630349][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.637983][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.646115][ T5087] bridge_slave_0: entered allmulticast mode [ 66.653302][ T5087] bridge_slave_0: entered promiscuous mode [ 66.660838][ T5078] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.669442][ T5078] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.677549][ T5078] bridge_slave_0: entered allmulticast mode [ 66.685720][ T5078] bridge_slave_0: entered promiscuous mode [ 66.710759][ T5079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.740493][ T5081] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.747708][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.759938][ T5081] bridge_slave_0: entered allmulticast mode [ 66.767211][ T5081] bridge_slave_0: entered promiscuous mode [ 66.777210][ T5081] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.785133][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.793312][ T5081] bridge_slave_1: entered allmulticast mode [ 66.800730][ T5081] bridge_slave_1: entered promiscuous mode [ 66.808205][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.816352][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.824357][ T5087] bridge_slave_1: entered allmulticast mode [ 66.831821][ T5087] bridge_slave_1: entered promiscuous mode [ 66.850813][ T5078] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.858312][ T5078] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.866401][ T5078] bridge_slave_1: entered allmulticast mode [ 66.873510][ T5078] bridge_slave_1: entered promiscuous mode [ 66.882332][ T5079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.902794][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.910359][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.918333][ T5085] bridge_slave_0: entered allmulticast mode [ 66.926472][ T5085] bridge_slave_0: entered promiscuous mode [ 66.998341][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.005812][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.013840][ T5085] bridge_slave_1: entered allmulticast mode [ 67.020786][ T5085] bridge_slave_1: entered promiscuous mode [ 67.030673][ T5081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.044994][ T5081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.057082][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.069046][ T5078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.082233][ T5078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.096835][ T5079] team0: Port device team_slave_0 added [ 67.146847][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.173067][ T5079] team0: Port device team_slave_1 added [ 67.181748][ T5085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.195558][ T5085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.208278][ T5081] team0: Port device team_slave_0 added [ 67.292473][ T5081] team0: Port device team_slave_1 added [ 67.311934][ T5087] team0: Port device team_slave_0 added [ 67.320974][ T5087] team0: Port device team_slave_1 added [ 67.330489][ T5078] team0: Port device team_slave_0 added [ 67.338463][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.348239][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.376426][ T5079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.391996][ T5085] team0: Port device team_slave_0 added [ 67.402429][ T5085] team0: Port device team_slave_1 added [ 67.433366][ T5078] team0: Port device team_slave_1 added [ 67.439798][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.448491][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.476105][ T5079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.510332][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.518172][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.544870][ T5081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.559505][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.567182][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.583803][ T5092] Bluetooth: hci4: command tx timeout [ 67.595055][ T5081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.623939][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.631038][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.658222][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.672294][ T5092] Bluetooth: hci2: command tx timeout [ 67.703297][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.710726][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.739838][ T5085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.751809][ T5092] Bluetooth: hci0: command tx timeout [ 67.751827][ T5086] Bluetooth: hci1: command tx timeout [ 67.753069][ T5086] Bluetooth: hci3: command tx timeout [ 67.761857][ T5085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.777371][ T5085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.807223][ T5085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.828797][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.836509][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.865129][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.883289][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.890814][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.919469][ T5078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.965043][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.972991][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.000376][ T5078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.026990][ T5079] hsr_slave_0: entered promiscuous mode [ 68.034654][ T5079] hsr_slave_1: entered promiscuous mode [ 68.068582][ T5085] hsr_slave_0: entered promiscuous mode [ 68.075386][ T5085] hsr_slave_1: entered promiscuous mode [ 68.081853][ T5085] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.090323][ T5085] Cannot create hsr debugfs directory [ 68.141186][ T5087] hsr_slave_0: entered promiscuous mode [ 68.148295][ T5087] hsr_slave_1: entered promiscuous mode [ 68.155571][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.163639][ T5087] Cannot create hsr debugfs directory [ 68.184747][ T5081] hsr_slave_0: entered promiscuous mode [ 68.191477][ T5081] hsr_slave_1: entered promiscuous mode [ 68.198633][ T5081] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.206649][ T5081] Cannot create hsr debugfs directory [ 68.246136][ T5078] hsr_slave_0: entered promiscuous mode [ 68.253470][ T5078] hsr_slave_1: entered promiscuous mode [ 68.259629][ T5078] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.267894][ T5078] Cannot create hsr debugfs directory [ 68.755711][ T5079] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 68.768195][ T5079] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 68.779003][ T5079] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 68.789775][ T5079] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 68.852904][ T5087] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 68.869344][ T5087] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 68.891787][ T5087] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 68.912273][ T5087] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 68.967069][ T5085] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 68.977515][ T5085] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 68.989835][ T5085] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 69.000102][ T5085] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 69.102192][ T5078] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 69.123447][ T5078] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 69.135017][ T5078] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 69.149552][ T5078] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.235648][ T5079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.262335][ T5081] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.288984][ T5081] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.314631][ T5081] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.325436][ T5081] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.359265][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.376799][ T5079] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.436107][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.444123][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.477889][ T5087] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.498190][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.505575][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.546510][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.554020][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.583240][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.590473][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.663645][ T5086] Bluetooth: hci4: command tx timeout [ 69.695726][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.720897][ T5079] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 69.744324][ T5086] Bluetooth: hci2: command tx timeout [ 69.771780][ T5085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.812270][ T5078] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.822902][ T5086] Bluetooth: hci3: command tx timeout [ 69.824375][ T5092] Bluetooth: hci0: command tx timeout [ 69.828436][ T5086] Bluetooth: hci1: command tx timeout [ 69.886474][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.895272][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.922226][ T5081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.948860][ T5085] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.970791][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.978293][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.021830][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.029161][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.050720][ T5081] 8021q: adding VLAN 0 to HW filter on device team0 [ 70.082343][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.089583][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.115208][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.122440][ T5090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.165692][ T5079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.216115][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.223366][ T5090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.265839][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.545295][ T5087] veth0_vlan: entered promiscuous mode [ 70.628311][ T5087] veth1_vlan: entered promiscuous mode [ 70.684084][ T5078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.789018][ T5079] veth0_vlan: entered promiscuous mode [ 70.873457][ T5079] veth1_vlan: entered promiscuous mode [ 70.901247][ T5078] veth0_vlan: entered promiscuous mode [ 70.923770][ T5087] veth0_macvtap: entered promiscuous mode [ 70.940705][ T5087] veth1_macvtap: entered promiscuous mode [ 70.955431][ T5081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.967056][ T5078] veth1_vlan: entered promiscuous mode [ 71.001763][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.027944][ T5085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.047495][ T5079] veth0_macvtap: entered promiscuous mode [ 71.059087][ T5079] veth1_macvtap: entered promiscuous mode [ 71.072461][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.090899][ T5087] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.100650][ T5087] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.111519][ T5087] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.121891][ T5087] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.170995][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.185419][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.197931][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.247989][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.259249][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.277776][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.290382][ T5085] veth0_vlan: entered promiscuous mode [ 71.310429][ T5078] veth0_macvtap: entered promiscuous mode [ 71.324375][ T5081] veth0_vlan: entered promiscuous mode [ 71.333610][ T5079] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.342922][ T5079] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.351818][ T5079] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.361749][ T5079] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.380270][ T5078] veth1_macvtap: entered promiscuous mode [ 71.428967][ T5085] veth1_vlan: entered promiscuous mode [ 71.456155][ T5081] veth1_vlan: entered promiscuous mode [ 71.521765][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.533328][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.543775][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.554521][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.566288][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.579040][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.592160][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.602864][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.613780][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.628484][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.640438][ T5078] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.649950][ T5078] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.659576][ T5078] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.669361][ T5078] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.687983][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.702131][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.743410][ T5086] Bluetooth: hci4: command tx timeout [ 71.744013][ T5130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.760374][ T5130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.818257][ T5085] veth0_macvtap: entered promiscuous mode [ 71.825378][ T5086] Bluetooth: hci2: command tx timeout [ 71.838393][ T5085] veth1_macvtap: entered promiscuous mode [ 71.856411][ T926] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.867851][ T926] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.903046][ T5086] Bluetooth: hci0: command tx timeout [ 71.903466][ T5094] Bluetooth: hci1: command tx timeout [ 71.916237][ T5092] Bluetooth: hci3: command tx timeout 01:18:51 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x3, 0x7fe2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x6, 0xc}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='ext4_alloc_da_blocks\x00', r2}, 0x10) close(r1) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff7f850000000400000095e8144d1705dbbe99d291a2dc5c6d7c1ccce5dc5887775e81bbf92284a91e5f31466e639fd44a0a5109002431c872643e9cfa9df8498502fda704b54f2db1501d06204ccac860a7c5333459"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90) close(r4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000c50000009e"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='sched_kthread_work_queue_work\x00', r4}, 0x10) syz_clone(0x1e8a9080, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00', r3}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) close(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@rights={{0x14, 0x1, 0x1, [r6]}}], 0x18}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="54000000000000000000000400000000000000600000000100010001000000010000000700000007442cc05000000000000000010000ee06000000080000000100000e4a0000002000650e0300000005000000080000000030000000000000000100000001"], 0x88}, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10) close(r6) close(r7) [ 71.941858][ T5081] veth0_macvtap: entered promiscuous mode [ 72.005791][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.042369][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.055360][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.068939][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.079784][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.090726][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.103259][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.123393][ T5131] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.135576][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 01:18:51 executing program 3: socket$kcm(0x11, 0x200000000000002, 0x300) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000000)="b9ff03076044238c9e9e15f088a84cb688a8", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{}, {0x0, 0x0, 0x0, 0x81}]}) write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xfdef) [ 72.140133][ T5131] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.150896][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.166981][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.182857][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.209391][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.232861][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.243894][ T5085] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 01:18:51 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000140)={'batadv0\x00'}) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1}) [ 72.255447][ T5085] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.267270][ T5085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.277930][ T5081] veth1_macvtap: entered promiscuous mode [ 72.307939][ T5085] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.325899][ T5085] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.338969][ T5085] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.350734][ T5085] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 01:18:51 executing program 4: bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={@cgroup, 0xffffffffffffffff, 0xb, 0x2020}, 0x20) [ 72.387674][ T2446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.417680][ T2446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.457715][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.497039][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 01:18:51 executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'bridge_slave_0\x00'}) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x30502, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000300)={'pim6reg\x00', @link_local}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'bridge_slave_0\x00', @random="4f33e363a4b1"}) [ 72.507827][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.529806][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.555402][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.567388][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.578276][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.588827][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.601114][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.615270][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.630077][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.641134][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.652219][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.662853][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.673820][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.684604][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.696315][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.714583][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.751306][ T5173] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.781831][ T5174] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.789442][ T5174] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.806314][ T5081] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 01:18:52 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001b40)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271c24e264fcde88c70a98536d00e7583af555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a152a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b5eafefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56108948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd363382e9b90431577366277f670e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bd168b4177cea6ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adb241ecb4b509ecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c7f9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b00000000004a31a3345adcda36a5b2d07341804b5d33d32f60d604a57a32ff419e002c36f277765b38e8416f2d9d80393b080f7756e0e0c08a7bc47e86401b4dfb16589eeea13a93eb81795ec1cfce125c02fcfae34251a1eef9d8494fdc31ddd09ec54310b8c526cd1e41c5233ccaf84b224965eade7aa6d48a4e152f2cdfee91365618cf4a4e533ed1c93c56dcb5abce290af8e61f1e3fd69c8df228e0f856f964f30dc8dcf517853d3af7dd3770e7f802a79316c7561d1195179c64f09a8476"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x43400) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0x23000) [ 72.824685][ T5081] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.836107][ T5081] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.846598][ T5081] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.901685][ T2446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.910606][ T2446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 01:18:52 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r1, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='tlb_flush\x00', r4}, 0x10) 01:18:52 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)='u', 0x1}], 0x1}, 0x4040001) recvmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000bc0)={{r2}, &(0x7f0000000940), &(0x7f0000000980)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) recvmsg$unix(r0, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1) 01:18:52 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001780)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 73.058782][ T5090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.098225][ T5180] ------------[ cut here ]------------ [ 73.102719][ T5090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.104069][ T5180] WARNING: CPU: 0 PID: 5180 at kernel/softirq.c:362 __local_bh_enable_ip+0x1be/0x200 [ 73.111825][ T5090] [ 73.121078][ T5180] Modules linked in: [ 73.123484][ T5090] ====================================================== [ 73.123492][ T5090] WARNING: possible circular locking dependency detected [ 73.127364][ T5180] CPU: 0 PID: 5180 Comm: syz-executor.4 Not tainted 6.8.0-syzkaller-05236-g443574b03387 #0 [ 73.134363][ T5090] 6.8.0-syzkaller-05236-g443574b03387 #0 Not tainted [ 73.141467][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 73.151471][ T5090] ------------------------------------------------------ [ 73.151479][ T5090] kworker/1:3/5090 is trying to acquire lock: [ 73.158206][ T5180] RIP: 0010:__local_bh_enable_ip+0x1be/0x200 [ 73.168320][ T5090] ffff88807ea34200 [ 73.175320][ T5180] Code: 3b 44 24 60 75 52 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 90 0f 0b 90 e9 ca fe ff ff e8 55 00 00 00 eb 9c 90 <0f> 0b 90 e9 fa fe ff ff 48 c7 c1 9c e1 86 8f 80 e1 07 80 c1 03 38 [ 73.181460][ T5090] (&stab->lock){+...}-{2:2} [ 73.187504][ T5180] RSP: 0018:ffffc90004797340 EFLAGS: 00010046 [ 73.191213][ T5090] , at: sock_map_delete_elem+0x97/0x140 [ 73.211400][ T5180] [ 73.211407][ T5180] RAX: 0000000000000000 RBX: 1ffff920008f2e6c RCX: 0000000000000000 [ 73.216052][ T5090] [ 73.216052][ T5090] but task is already holding lock: [ 73.216059][ T5090] ffff8880b953e158 [ 73.222191][ T5180] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffff895ffd51 [ 73.227795][ T5090] (&rq->__lock [ 73.230099][ T5180] RBP: ffffc900047973e8 R08: ffff888061bbd27b R09: 1ffff1100c377a4f [ 73.238224][ T5090] ){-.-.}-{2:2} [ 73.245563][ T5180] R10: dffffc0000000000 R11: ffffed100c377a50 R12: dffffc0000000000 [ 73.249342][ T5090] , at: raw_spin_rq_lock_nested+0x2a/0x140 [ 73.257375][ T5180] R13: 0000000000000001 R14: ffffc90004797380 R15: 0000000000000201 [ 73.260805][ T5090] [ 73.260805][ T5090] which lock already depends on the new lock. [ 73.260805][ T5090] [ 73.260811][ T5090] [ 73.260811][ T5090] the existing dependency chain (in reverse order) is: [ 73.269108][ T5180] FS: 00007f675a82f6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 73.272717][ T5090] [ 73.272717][ T5090] -> #5 ( [ 73.280952][ T5180] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 73.286741][ T5090] &rq->__lock [ 73.294799][ T5180] CR2: 0000001b30f23000 CR3: 0000000027f3a000 CR4: 00000000003506f0 [ 73.305700][ T5090] ){-.-.}-{2:2} [ 73.314867][ T5180] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 73.323852][ T5090] : [ 73.323859][ T5090] lock_acquire+0x1e4/0x530 [ 73.328970][ T5180] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 73.335537][ T5090] _raw_spin_lock_nested+0x31/0x40 [ 73.338812][ T5180] Call Trace: [ 73.338827][ T5180] [ 73.346784][ T5090] raw_spin_rq_lock_nested+0x2a/0x140 [ 73.350485][ T5180] ? __warn+0x163/0x4b0 [ 73.358526][ T5090] task_fork_fair+0x61/0x1e0 [ 73.360918][ T5180] ? __local_bh_enable_ip+0x1be/0x200 [ 73.366085][ T5090] sched_cgroup_fork+0x37c/0x410 [ 73.374039][ T5180] ? report_bug+0x2b3/0x500 [ 73.379814][ T5090] copy_process+0x2217/0x3df0 [ 73.383258][ T5180] ? __local_bh_enable_ip+0x1be/0x200 [ 73.386177][ T5090] kernel_clone+0x21e/0x8d0 [ 73.392152][ T5180] ? handle_bug+0x3e/0x70 [ 73.396458][ T5090] user_mode_thread+0x132/0x1a0 [ 73.401651][ T5180] ? exc_invalid_op+0x1a/0x50 [ 73.407166][ T5090] rest_init+0x27/0x300 [ 73.412686][ T5180] ? asm_exc_invalid_op+0x1a/0x20 [ 73.417299][ T5090] arch_call_rest_init+0xe/0x10 [ 73.422560][ T5180] ? sock_map_unref+0x401/0x5e0 [ 73.427904][ T5090] start_kernel+0x47a/0x500 [ 73.433092][ T5180] ? __local_bh_enable_ip+0x1be/0x200 [ 73.437571][ T5090] x86_64_start_reservations+0x2a/0x30 [ 73.442924][ T5180] ? sock_map_unref+0x401/0x5e0 [ 73.447657][ T5090] x86_64_start_kernel+0x99/0xa0 [ 73.452480][ T5180] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 73.457619][ T5090] common_startup_64+0x13e/0x147 [ 73.463228][ T5180] ? do_raw_spin_unlock+0x13c/0x8b0 [ 73.468365][ T5090] [ 73.468365][ T5090] -> #4 ( [ 73.473456][ T5180] ? sock_map_unref+0x3ac/0x5e0 [ 73.478883][ T5090] &p->pi_lock){-.-.}-{2:2} [ 73.484930][ T5180] sock_map_unref+0x401/0x5e0 [ 73.489853][ T5090] : [ 73.489859][ T5090] lock_acquire+0x1e4/0x530 [ 73.495309][ T5180] sock_map_delete_elem+0xc0/0x140 [ 73.501179][ T5090] _raw_spin_lock_irqsave+0xd5/0x120 [ 73.506621][ T5180] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 73.511808][ T5090] try_to_wake_up+0xb0/0x1470 [ 73.516895][ T5180] bpf_trace_run2+0x204/0x420 [ 73.521743][ T5090] __wake_up_common_lock+0x130/0x1e0 [ 73.526669][ T5180] ? bpf_trace_run2+0x114/0x420 [ 73.531326][ T5090] tty_port_default_wakeup+0xa6/0xf0 [ 73.533738][ T5180] ? __pfx_bpf_trace_run2+0x10/0x10 [ 73.539257][ T5090] serial8250_tx_chars+0x6ad/0x8a0 [ 73.544623][ T5180] ? trace_tlb_flush+0x59/0x120 [ 73.550770][ T5090] serial8250_handle_irq+0x558/0x710 [ 73.556583][ T5180] trace_tlb_flush+0xfa/0x120 [ 73.561746][ T5090] serial8250_default_handle_irq+0xd1/0x1f0 [ 73.566671][ T5180] switch_mm_irqs_off+0x7cb/0xae0 [ 73.572636][ T5090] serial8250_interrupt+0xa9/0x1f0 [ 73.577563][ T5180] ? __pfx_switch_mm_irqs_off+0x10/0x10 [ 73.583508][ T5090] __handle_irq_event_percpu+0x28a/0xa30 [ 73.589114][ T5180] ? text_poke_memcpy+0x25/0x30 [ 73.594719][ T5090] handle_irq_event+0x89/0x1f0 [ 73.599541][ T5180] ? __asan_memcpy+0x40/0x70 [ 73.605404][ T5090] handle_edge_irq+0x25f/0xc20 [ 73.610058][ T5180] __text_poke+0x8f7/0xd30 [ 73.616472][ T5090] __common_interrupt+0x138/0x230 [ 73.621481][ T5180] ? trace_tlb_flush+0x6/0x120 [ 73.627342][ T5090] common_interrupt+0xa5/0xd0 [ 73.632859][ T5180] ? __pfx_text_poke_memcpy+0x10/0x10 [ 73.639177][ T5090] asm_common_interrupt+0x26/0x40 [ 73.644092][ T5180] ? __pfx___text_poke+0x10/0x10 [ 73.649347][ T5090] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 73.654003][ T5180] ? __pfx___might_resched+0x10/0x10 [ 73.659254][ T5090] serial_port_runtime_resume+0x204/0x2b0 [ 73.663730][ T5180] ? __mutex_trylock_common+0x183/0x2e0 [ 73.669350][ T5090] __rpm_callback+0x2df/0x790 [ 73.674176][ T5180] ? __pfx___might_resched+0x10/0x10 [ 73.679345][ T5090] rpm_resume+0x10b2/0x1af0 [ 73.684695][ T5180] ? trace_tlb_flush+0x6/0x120 [ 73.690388][ T5090] pm_runtime_work+0x147/0x210 [ 73.695305][ T5180] text_poke_bp_batch+0x265/0xb30 [ 73.701873][ T5090] process_scheduled_works+0xa00/0x1770 [ 73.707404][ T5180] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 73.713867][ T5090] worker_thread+0x86d/0xd70 [ 73.719658][ T5180] ? __pfx___mutex_lock+0x10/0x10 [ 73.724925][ T5090] kthread+0x2f0/0x390 [ 73.730382][ T5180] ? arch_jump_label_transform_queue+0x9b/0x100 [ 73.735661][ T5090] ret_from_fork+0x4b/0x80 [ 73.740414][ T5180] text_poke_finish+0x30/0x50 [ 73.745774][ T5090] ret_from_fork_asm+0x1a/0x30 [ 73.751032][ T5180] arch_jump_label_transform_apply+0x1c/0x30 [ 73.757157][ T5090] [ 73.757157][ T5090] -> #3 ( [ 73.763022][ T5180] static_key_enable_cpuslocked+0x136/0x260 [ 73.768286][ T5090] &tty->write_wait [ 73.773369][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 73.778835][ T5090] ){-.-.}-{2:2} [ 73.785139][ T5180] static_key_enable+0x1a/0x20 [ 73.790046][ T5090] : [ 73.790052][ T5090] lock_acquire+0x1e4/0x530 [ 73.794699][ T5180] tracepoint_add_func+0x953/0x9e0 [ 73.800041][ T5090] _raw_spin_lock_irqsave+0xd5/0x120 [ 73.806082][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 73.811246][ T5090] __wake_up_common_lock+0x25/0x1e0 [ 73.817204][ T5180] tracepoint_probe_register_prio_may_exist+0x122/0x190 [ 73.820985][ T5090] tty_port_default_wakeup+0xa6/0xf0 [ 73.826767][ T5180] ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10 [ 73.830487][ T5090] serial8250_tx_chars+0x6ad/0x8a0 [ 73.835394][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 73.837796][ T5090] serial8250_handle_irq+0x558/0x710 [ 73.842799][ T5180] ? anon_inode_getfile+0xff/0x180 [ 73.848169][ T5090] serial8250_default_handle_irq+0xd1/0x1f0 [ 73.853964][ T5180] ? bpf_probe_register+0x117/0x1d0 [ 73.859925][ T5090] serial8250_interrupt+0xa9/0x1f0 [ 73.865897][ T5180] bpf_raw_tp_link_attach+0x470/0x6d0 [ 73.872889][ T5090] __handle_irq_event_percpu+0x28a/0xa30 [ 73.878760][ T5180] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 73.886370][ T5090] handle_irq_event+0x89/0x1f0 [ 73.892373][ T5180] bpf_raw_tracepoint_open+0x19d/0x210 [ 73.898319][ T5090] handle_edge_irq+0x25f/0xc20 [ 73.904380][ T5180] __sys_bpf+0x3c0/0x810 [ 73.909651][ T5090] __common_interrupt+0x138/0x230 [ 73.916936][ T5180] ? __pfx___sys_bpf+0x10/0x10 [ 73.922146][ T5090] common_interrupt+0xa5/0xd0 [ 73.928038][ T5180] ? xfd_validate_state+0x6e/0x150 [ 73.933399][ T5090] asm_common_interrupt+0x26/0x40 [ 73.939808][ T5180] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 73.945882][ T5090] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 73.951166][ T5180] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.956690][ T5090] serial_port_runtime_resume+0x204/0x2b0 [ 73.962133][ T5180] ? do_syscall_64+0x10a/0x240 [ 73.966417][ T5090] __rpm_callback+0x2df/0x790 [ 73.972024][ T5180] __x64_sys_bpf+0x7c/0x90 [ 73.976800][ T5090] rpm_resume+0x10b2/0x1af0 [ 73.982145][ T5180] do_syscall_64+0xfb/0x240 [ 73.987227][ T5090] pm_runtime_work+0x147/0x210 [ 73.992935][ T5180] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 73.999094][ T5090] process_scheduled_works+0xa00/0x1770 [ 74.005384][ T5180] RIP: 0033:0x7f6759a7de69 [ 74.011779][ T5090] worker_thread+0x86d/0xd70 [ 74.018803][ T5180] Code: Unable to access opcode bytes at 0x7f6759a7de3f. [ 74.023557][ T5090] kthread+0x2f0/0x390 [ 74.028739][ T5180] RSP: 002b:00007f675a82f0c8 EFLAGS: 00000246 [ 74.033314][ T5090] ret_from_fork+0x4b/0x80 [ 74.038335][ T5180] ORIG_RAX: 0000000000000141 [ 74.042906][ T5090] ret_from_fork_asm+0x1a/0x30 [ 74.048183][ T5180] RAX: ffffffffffffffda RBX: 00007f6759babf80 RCX: 00007f6759a7de69 [ 74.054159][ T5090] [ 74.054159][ T5090] -> #2 ( [ 74.060473][ T5180] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000011 [ 74.064869][ T5090] &port_lock_key){-.-.}-{2:2} [ 74.070212][ T5180] RBP: 00007f6759aca47a R08: 0000000000000000 R09: 0000000000000000 [ 74.077463][ T5090] : [ 74.077469][ T5090] lock_acquire+0x1e4/0x530 [ 74.082197][ T5180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.088320][ T5090] _raw_spin_lock_irqsave+0xd5/0x120 [ 74.093573][ T5180] R13: 000000000000000b R14: 00007f6759babf80 R15: 00007ffe68819a58 [ 74.098308][ T5090] serial8250_console_write+0x1a8/0x1840 [ 74.103989][ T5180] [ 74.112052][ T5090] console_flush_all+0x80b/0xec0 [ 74.117232][ T5180] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 74.117242][ T5180] CPU: 0 PID: 5180 Comm: syz-executor.4 Not tainted 6.8.0-syzkaller-05236-g443574b03387 #0 [ 74.117260][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 74.117270][ T5180] Call Trace: [ 74.117279][ T5180] [ 74.117286][ T5180] dump_stack_lvl+0x1e7/0x2e0 [ 74.117313][ T5180] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.117333][ T5180] ? __pfx__printk+0x10/0x10 [ 74.117355][ T5180] ? vscnprintf+0x5d/0x90 [ 74.117378][ T5180] panic+0x349/0x860 [ 74.117398][ T5180] ? __warn+0x172/0x4b0 [ 74.117419][ T5180] ? __pfx_panic+0x10/0x10 [ 74.117446][ T5180] __warn+0x31e/0x4b0 [ 74.117467][ T5180] ? __local_bh_enable_ip+0x1be/0x200 [ 74.117486][ T5180] report_bug+0x2b3/0x500 [ 74.117509][ T5180] ? __local_bh_enable_ip+0x1be/0x200 [ 74.117528][ T5180] handle_bug+0x3e/0x70 [ 74.117549][ T5180] exc_invalid_op+0x1a/0x50 [ 74.117570][ T5180] asm_exc_invalid_op+0x1a/0x20 [ 74.117593][ T5180] RIP: 0010:__local_bh_enable_ip+0x1be/0x200 [ 74.117613][ T5180] Code: 3b 44 24 60 75 52 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 90 0f 0b 90 e9 ca fe ff ff e8 55 00 00 00 eb 9c 90 <0f> 0b 90 e9 fa fe ff ff 48 c7 c1 9c e1 86 8f 80 e1 07 80 c1 03 38 [ 74.117626][ T5180] RSP: 0018:ffffc90004797340 EFLAGS: 00010046 [ 74.117642][ T5180] RAX: 0000000000000000 RBX: 1ffff920008f2e6c RCX: 0000000000000000 [ 74.117653][ T5180] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffff895ffd51 [ 74.117664][ T5180] RBP: ffffc900047973e8 R08: ffff888061bbd27b R09: 1ffff1100c377a4f [ 74.117677][ T5180] R10: dffffc0000000000 R11: ffffed100c377a50 R12: dffffc0000000000 [ 74.117690][ T5180] R13: 0000000000000001 R14: ffffc90004797380 R15: 0000000000000201 [ 74.117706][ T5180] ? sock_map_unref+0x401/0x5e0 [ 74.117728][ T5180] ? sock_map_unref+0x401/0x5e0 [ 74.117747][ T5180] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 74.117762][ T5180] ? do_raw_spin_unlock+0x13c/0x8b0 [ 74.117786][ T5180] ? sock_map_unref+0x3ac/0x5e0 [ 74.117806][ T5180] sock_map_unref+0x401/0x5e0 [ 74.117829][ T5180] sock_map_delete_elem+0xc0/0x140 [ 74.117854][ T5180] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 74.117872][ T5180] bpf_trace_run2+0x204/0x420 [ 74.117891][ T5180] ? bpf_trace_run2+0x114/0x420 [ 74.117908][ T5180] ? __pfx_bpf_trace_run2+0x10/0x10 [ 74.117927][ T5180] ? trace_tlb_flush+0x59/0x120 [ 74.117954][ T5180] trace_tlb_flush+0xfa/0x120 [ 74.117978][ T5180] switch_mm_irqs_off+0x7cb/0xae0 [ 74.118007][ T5180] ? __pfx_switch_mm_irqs_off+0x10/0x10 [ 74.118031][ T5180] ? text_poke_memcpy+0x25/0x30 [ 74.118051][ T5180] ? __asan_memcpy+0x40/0x70 [ 74.118069][ T5180] __text_poke+0x8f7/0xd30 [ 74.118090][ T5180] ? trace_tlb_flush+0x6/0x120 [ 74.118113][ T5180] ? __pfx_text_poke_memcpy+0x10/0x10 [ 74.118134][ T5180] ? __pfx___text_poke+0x10/0x10 [ 74.118156][ T5180] ? __pfx___might_resched+0x10/0x10 [ 74.118175][ T5180] ? __mutex_trylock_common+0x183/0x2e0 [ 74.118196][ T5180] ? __pfx___might_resched+0x10/0x10 [ 74.118219][ T5180] ? trace_tlb_flush+0x6/0x120 [ 74.118242][ T5180] text_poke_bp_batch+0x265/0xb30 [ 74.118268][ T5180] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 74.118286][ T5180] ? __pfx___mutex_lock+0x10/0x10 [ 74.118310][ T5180] ? arch_jump_label_transform_queue+0x9b/0x100 [ 74.118337][ T5180] text_poke_finish+0x30/0x50 [ 74.118355][ T5180] arch_jump_label_transform_apply+0x1c/0x30 [ 74.118378][ T5180] static_key_enable_cpuslocked+0x136/0x260 [ 74.118395][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 74.118412][ T5180] static_key_enable+0x1a/0x20 [ 74.118427][ T5180] tracepoint_add_func+0x953/0x9e0 [ 74.118453][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 74.118471][ T5180] tracepoint_probe_register_prio_may_exist+0x122/0x190 [ 74.118498][ T5180] ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10 [ 74.118523][ T5180] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 74.118540][ T5180] ? anon_inode_getfile+0xff/0x180 [ 74.118557][ T5180] ? bpf_probe_register+0x117/0x1d0 [ 74.118578][ T5180] bpf_raw_tp_link_attach+0x470/0x6d0 [ 74.118601][ T5180] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 74.118637][ T5180] bpf_raw_tracepoint_open+0x19d/0x210 [ 74.118658][ T5180] __sys_bpf+0x3c0/0x810 [ 74.118677][ T5180] ? __pfx___sys_bpf+0x10/0x10 [ 74.118693][ T5180] ? xfd_validate_state+0x6e/0x150 [ 74.118722][ T5180] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 74.118740][ T5180] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 74.118759][ T5180] ? do_syscall_64+0x10a/0x240 [ 74.118780][ T5180] __x64_sys_bpf+0x7c/0x90 [ 74.118797][ T5180] do_syscall_64+0xfb/0x240 [ 74.118819][ T5180] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 74.118847][ T5180] RIP: 0033:0x7f6759a7de69 [ 74.118860][ T5180] Code: Unable to access opcode bytes at 0x7f6759a7de3f. [ 74.118868][ T5180] RSP: 002b:00007f675a82f0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 74.118885][ T5180] RAX: ffffffffffffffda RBX: 00007f6759babf80 RCX: 00007f6759a7de69 [ 74.118898][ T5180] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000011 [ 74.118908][ T5180] RBP: 00007f6759aca47a R08: 0000000000000000 R09: 0000000000000000 [ 74.118919][ T5180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.118928][ T5180] R13: 000000000000000b R14: 00007f6759babf80 R15: 00007ffe68819a58 [ 74.118948][ T5180] [ 74.125432][ T5090] console_unlock+0x13b/0x4d0 [ 74.125463][ T5090] vprintk_emit+0x509/0x720 [ 74.125478][ T5090] _printk+0xd5/0x120 [ 74.125493][ T5090] register_console+0x70a/0xcd0 [ 74.125510][ T5090] univ8250_console_init+0x49/0x50 [ 74.125530][ T5090] console_init+0x198/0x680 [ 74.125543][ T5090] start_kernel+0x2d3/0x500 [ 74.125555][ T5090] x86_64_start_reservations+0x2a/0x30 [ 74.125572][ T5090] x86_64_start_kernel+0x99/0xa0 [ 74.125587][ T5090] common_startup_64+0x13e/0x147 [ 74.125603][ T5090] [ 74.125603][ T5090] -> #1 (console_owner){....}-{0:0}: [ 74.125628][ T5090] lock_acquire+0x1e4/0x530 [ 74.125641][ T5090] console_flush_all+0x7ba/0xec0 [ 74.125658][ T5090] console_unlock+0x13b/0x4d0 [ 74.125673][ T5090] vprintk_emit+0x509/0x720 [ 74.125687][ T5090] _printk+0xd5/0x120 [ 74.125700][ T5090] report_bug+0x346/0x500 [ 74.125718][ T5090] handle_bug+0x3e/0x70 [ 74.125735][ T5090] exc_invalid_op+0x1a/0x50 [ 74.125751][ T5090] asm_exc_invalid_op+0x1a/0x20 [ 74.125769][ T5090] __local_bh_enable_ip+0x1be/0x200 [ 74.125783][ T5090] sock_map_unref+0x401/0x5e0 [ 74.125799][ T5090] sock_map_delete_elem+0xc0/0x140 [ 74.125812][ T5090] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 74.125828][ T5090] bpf_trace_run2+0x204/0x420 [ 74.125843][ T5090] trace_tlb_flush+0xfa/0x120 [ 74.125862][ T5090] switch_mm_irqs_off+0x7cb/0xae0 [ 74.125880][ T5090] __text_poke+0x8f7/0xd30 [ 74.125895][ T5090] text_poke_bp_batch+0x265/0xb30 [ 74.125916][ T5090] text_poke_finish+0x30/0x50 [ 74.125931][ T5090] arch_jump_label_transform_apply+0x1c/0x30 [ 74.125948][ T5090] static_key_enable_cpuslocked+0x136/0x260 [ 74.125962][ T5090] static_key_enable+0x1a/0x20 [ 74.125973][ T5090] tracepoint_add_func+0x953/0x9e0 [ 74.125992][ T5090] tracepoint_probe_register_prio_may_exist+0x122/0x190 [ 74.126011][ T5090] bpf_raw_tp_link_attach+0x470/0x6d0 [ 74.126029][ T5090] bpf_raw_tracepoint_open+0x19d/0x210 [ 74.126044][ T5090] __sys_bpf+0x3c0/0x810 [ 74.126057][ T5090] __x64_sys_bpf+0x7c/0x90 [ 74.126069][ T5090] do_syscall_64+0xfb/0x240 [ 74.126085][ T5090] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 74.126103][ T5090] [ 74.126103][ T5090] -> #0 (&stab->lock){+...}-{2:2}: [ 74.126123][ T5090] validate_chain+0x18cb/0x58e0 [ 74.126138][ T5090] __lock_acquire+0x1346/0x1fd0 [ 74.126156][ T5090] lock_acquire+0x1e4/0x530 [ 74.126168][ T5090] _raw_spin_lock_bh+0x35/0x50 [ 74.126183][ T5090] sock_map_delete_elem+0x97/0x140 [ 74.126196][ T5090] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 74.126208][ T5090] bpf_trace_run2+0x204/0x420 [ 74.126222][ T5090] trace_tlb_flush+0xfa/0x120 [ 74.126240][ T5090] switch_mm_irqs_off+0x7cb/0xae0 [ 74.126259][ T5090] __schedule+0x1054/0x4a20 [ 74.126274][ T5090] preempt_schedule_notrace+0x100/0x140 [ 74.126290][ T5090] preempt_schedule_notrace_thunk+0x1a/0x30 [ 74.126305][ T5090] rcu_is_watching+0x7e/0xb0 [ 74.126318][ T5090] lock_release+0xbf/0x9d0 [ 74.126330][ T5090] __mutex_unlock_slowpath+0xe2/0x750 [ 74.126348][ T5090] process_scheduled_works+0xa00/0x1770 [ 74.126361][ T5090] worker_thread+0x86d/0xd70 [ 74.126374][ T5090] kthread+0x2f0/0x390 [ 74.126389][ T5090] ret_from_fork+0x4b/0x80 [ 74.126407][ T5090] ret_from_fork_asm+0x1a/0x30 [ 74.126426][ T5090] [ 74.126426][ T5090] other info that might help us debug this: [ 74.126426][ T5090] [ 74.126430][ T5090] Chain exists of: [ 74.126430][ T5090] &stab->lock --> &p->pi_lock --> &rq->__lock [ 74.126430][ T5090] [ 74.126453][ T5090] Possible unsafe locking scenario: [ 74.126453][ T5090] [ 74.126457][ T5090] CPU0 CPU1 [ 74.126460][ T5090] ---- ---- [ 74.126463][ T5090] lock(&rq->__lock); [ 74.126473][ T5090] lock(&p->pi_lock); [ 74.126482][ T5090] lock(&rq->__lock); [ 74.126492][ T5090] lock(&stab->lock); [ 74.126500][ T5090] [ 74.126500][ T5090] *** DEADLOCK *** [ 74.126500][ T5090] [ 74.126504][ T5090] 5 locks held by kworker/1:3/5090: [ 74.126512][ T5090] #0: ffff888014c78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x8e0/0x1770 [ 74.126549][ T5090] #1: ffffc90003e77d00 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x91b/0x1770 [ 74.126584][ T5090] #2: ffff88807e348768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_wiphy_work+0x35/0x260 [ 74.126621][ T5090] #3: ffff8880b953e158 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 74.126662][ T5090] #4: ffffffff8e131920 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x114/0x420 [ 74.126697][ T5090] [ 74.126697][ T5090] stack backtrace: [ 74.126702][ T5090] CPU: 1 PID: 5090 Comm: kworker/1:3 Not tainted 6.8.0-syzkaller-05236-g443574b03387 #0 [ 74.126717][ T5090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 74.126726][ T5090] Workqueue: events cfg80211_wiphy_work [ 74.126741][ T5090] Call Trace: [ 74.126750][ T5090] [ 74.126756][ T5090] dump_stack_lvl+0x1e7/0x2e0 [ 74.126776][ T5090] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.126798][ T5090] ? print_circular_bug+0x130/0x1a0 [ 74.126817][ T5090] check_noncircular+0x36a/0x4a0 [ 74.126837][ T5090] ? __pfx_check_noncircular+0x10/0x10 [ 74.126855][ T5090] ? lockdep_lock+0x123/0x2b0 [ 74.126877][ T5090] ? validate_chain+0x11b/0x58e0 [ 74.126893][ T5090] ? __pfx_validate_chain+0x10/0x10 [ 74.126916][ T5090] ? _find_first_zero_bit+0xd4/0x100 [ 74.126936][ T5090] validate_chain+0x18cb/0x58e0 [ 74.126958][ T5090] ? __pfx_validate_chain+0x10/0x10 [ 74.126979][ T5090] ? __pfx_validate_chain+0x10/0x10 [ 74.127000][ T5090] ? __pfx_validate_chain+0x10/0x10 [ 74.127016][ T5090] ? mark_lock+0x9a/0x350 [ 74.127034][ T5090] ? validate_chain+0x11b/0x58e0 [ 74.127055][ T5090] ? __pfx_rcu_read_lock_sched_held+0x10/0x10 [ 74.127073][ T5090] ? mark_lock+0x9a/0x350 [ 74.127090][ T5090] __lock_acquire+0x1346/0x1fd0 [ 74.127112][ T5090] lock_acquire+0x1e4/0x530 [ 74.127126][ T5090] ? sock_map_delete_elem+0x97/0x140 [ 74.127141][ T5090] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 74.127157][ T5090] ? __pfx_lock_acquire+0x10/0x10 [ 74.127175][ T5090] ? sock_map_delete_elem+0x97/0x140 [ 74.127189][ T5090] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 74.127205][ T5090] ? __lock_acquire+0x1346/0x1fd0 [ 74.127220][ T5090] ? __pfx___cant_migrate+0x10/0x10 [ 74.127236][ T5090] ? sock_map_delete_elem+0x97/0x140 [ 74.127251][ T5090] _raw_spin_lock_bh+0x35/0x50 [ 74.127267][ T5090] ? sock_map_delete_elem+0x97/0x140 [ 74.127282][ T5090] sock_map_delete_elem+0x97/0x140 [ 74.127298][ T5090] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 74.127313][ T5090] bpf_trace_run2+0x204/0x420 [ 74.127329][ T5090] ? bpf_trace_run2+0x114/0x420 [ 74.127344][ T5090] ? __pfx_bpf_trace_run2+0x10/0x10 [ 74.127360][ T5090] ? trace_tlb_flush+0x59/0x120 [ 74.127383][ T5090] trace_tlb_flush+0xfa/0x120 [ 74.127403][ T5090] switch_mm_irqs_off+0x7cb/0xae0 [ 74.127428][ T5090] ? __pfx_switch_mm_irqs_off+0x10/0x10 [ 74.127453][ T5090] __schedule+0x1054/0x4a20 [ 74.127480][ T5090] ? __pfx___schedule+0x10/0x10 [ 74.127503][ T5090] ? _printk+0xd5/0x120 [ 74.127518][ T5090] ? process_scheduled_works+0xa00/0x1770 [ 74.127533][ T5090] preempt_schedule_notrace+0x100/0x140 [ 74.127551][ T5090] ? __pfx_preempt_schedule_notrace+0x10/0x10 [ 74.127568][ T5090] ? __cfg80211_get_bss+0x8f2/0xaf0 [ 74.127590][ T5090] ? ieee80211_sta_create_ibss+0x2f9/0x650 [ 74.127608][ T5090] preempt_schedule_notrace_thunk+0x1a/0x30 [ 74.127624][ T5090] ? lock_release+0xb0/0x9d0 [ 74.127639][ T5090] rcu_is_watching+0x7e/0xb0 [ 74.127654][ T5090] lock_release+0xbf/0x9d0 [ 74.127671][ T5090] ? ieee80211_ibss_work+0xde5/0x14c0 [ 74.127685][ T5090] ? __pfx_lock_release+0x10/0x10 [ 74.127703][ T5090] ? __pfx_ieee80211_ibss_work+0x10/0x10 [ 74.127718][ T5090] ? process_scheduled_works+0xa00/0x1770 [ 74.127733][ T5090] __mutex_unlock_slowpath+0xe2/0x750 [ 74.127752][ T5090] ? skb_dequeue+0x113/0x150 [ 74.127765][ T5090] ? ieee80211_iface_work+0xc0b/0xf10 [ 74.127782][ T5090] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 74.127806][ T5090] ? cfg80211_wiphy_work+0x221/0x260 [ 74.127822][ T5090] ? process_scheduled_works+0x91b/0x1770 [ 74.127837][ T5090] process_scheduled_works+0xa00/0x1770 [ 74.127863][ T5090] ? __pfx_process_scheduled_works+0x10/0x10 [ 74.127881][ T5090] ? assign_work+0x364/0x3d0 [ 74.127897][ T5090] worker_thread+0x86d/0xd70 [ 74.127921][ T5090] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 74.127939][ T5090] ? __kthread_parkme+0x169/0x1d0 [ 74.127956][ T5090] ? __pfx_worker_thread+0x10/0x10 [ 74.127971][ T5090] kthread+0x2f0/0x390 [ 74.127988][ T5090] ? __pfx_worker_thread+0x10/0x10 [ 74.128002][ T5090] ? __pfx_kthread+0x10/0x10 [ 74.128019][ T5090] ret_from_fork+0x4b/0x80 [ 74.128038][ T5090] ? __pfx_kthread+0x10/0x10 [ 74.128054][ T5090] ret_from_fork_asm+0x1a/0x30 [ 74.128079][ T5090] [ 75.193269][ T5180] Shutting down cpus with NMI [ 76.700487][ T5180] Kernel Offset: disabled [ 76.705008][ T5180] Rebooting in 86400 seconds..