last executing test programs: 3m2.555268773s ago: executing program 3 (id=98): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x1c, 0x16, 0xa01, 0x70bd2d, 0x3, {0xfd}, [@typed={0x4}, @nested={0x4, 0x2}]}, 0x1c}}, 0x40040) 3m2.237407705s ago: executing program 3 (id=102): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') fchdir(r0) creat(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 3m1.928078184s ago: executing program 3 (id=108): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000000000000000001c0000000000", @ANYRES8=0x0, @ANYRES32=r0], 0x30}}, 0x0) 3m1.612884318s ago: executing program 3 (id=111): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@mcast1, @mcast1, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1}) 3m1.175207117s ago: executing program 4 (id=116): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = mq_open(&(0x7f0000000600)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdF\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1b\xf4\xce\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|9\x90\x8d\xf4r\xd9*\xd1\x83\n\x1a\xa8fa2\xd4:^\xd7a\x0f\x12}\a\x9d\xc9h\x02\xbe\xeb\x01\xd39LS\xefJ\xcc<\xc4\xc0\xb4A\xab{\x1b\x15<\x95\x02\xae\xfdT\x98\xf4\x85\a\x01@\x12\xe0<3\xb4\x97\xb6W\x84K\xd7\xc5\xf47\xed\xda4\xe2W\xb6r\xca\x1e\x90\xef\x13\xf1&~\x97n\x9f\x8eS\xa8R\xf6\x9d{9\x1bN\x81\x18~\xd7{', 0x42, 0x100, 0x0) mq_timedreceive(r0, 0x0, 0x0, 0x0, 0x0) 3m1.121345773s ago: executing program 3 (id=117): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000d80)={0x14, r1, 0x419, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4008080}, 0x4040) 3m0.935381691s ago: executing program 4 (id=118): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='veth1_to_bond\x00', 0x10) bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c) 3m0.870441614s ago: executing program 3 (id=120): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000002080)=0x3a, 0x23b) 3m0.638937994s ago: executing program 4 (id=122): r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000580)}, {&(0x7f0000000ac0)="07d98d396058a855921d034d0fb8034a5317ce586c382c8d41f8212309f82dd261e5f9263338a10244d7b49f8608f304ee79d951cd4ca8c44b84d8b2da6feb009a0d53224f69c7a037105aa12b36d0f2fa926dad5b4a129773ae0025ee2dccc42c4cc23ddd896f77e5b427f7950212eaeb0dd9c789f8def4d9fbf6274bbf72f31c5a548464395d9a68564fc12ef2196d7eac2b93ba137c89c360011aa0c15d2a0db9dfc760b6e069968685b051123d404ba4e94ccfdfebeaa7a30c8de388e00edff56b0c6968ec98e00ad8decf9dec77295a37e60510e906474b55034f7f6594c92e49dd422bb4346631b852e64add94f0ee30da8e199a89d8969df24601639c324ea084f8b00dbb3322aa7b1759fde71e4279841257c589725c12070d0cd41423d566d8b73b2936119519e31f4c8243e9207e688e77550867081b9b685d277a4800", 0xfffffd6b}, {&(0x7f0000000640)="74a892e6122d0e9da29a40f6060049f3ab51554d", 0x14}], 0x3, &(0x7f00000005c0)=ANY=[], 0x158}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, &(0x7f00000003c0), 0x5f) 3m0.506999569s ago: executing program 2 (id=124): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x50, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x40004) 3m0.505898979s ago: executing program 0 (id=125): io_setup(0x6, &(0x7f00000003c0)=0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200), 0x40140, 0x0) io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 3m0.244467182s ago: executing program 1 (id=126): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000008c0)={0x14, 0x0, &(0x7f0000000840)=[@increfs_done={0x40106308, 0x2}], 0x0, 0x0, 0x0}) 3m0.199217893s ago: executing program 2 (id=127): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0) geteuid() 2m59.958734177s ago: executing program 0 (id=128): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000003c0)={{0x1, 0x0, 0x101, 0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) 2m59.890538489s ago: executing program 2 (id=129): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0) 2m59.835204888s ago: executing program 1 (id=130): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, 0x0) 2m59.590566169s ago: executing program 1 (id=131): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg(r0, &(0x7f0000000b80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000009c0)=@can, 0x80, 0x0, 0x0, &(0x7f00000031c0)=ANY=[@ANYBLOB="70000000000000000c010000ff7f000045488024b04dcd02c43fa1170895e9a2f697306fe172de91f6c84ec6936cff4587096b1211fca067fe560c4848ec9943c9021635deeea9b8bdd379a58affc0c051c33c424c8f83635f8aebdadb4dba6388c0a6f057ed49491d787cb538590000900000000000000001000000fcb5"], 0x11b0}}], 0x2, 0x24004810) 2m59.589623919s ago: executing program 0 (id=132): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='signal_generate\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 2m59.564933984s ago: executing program 2 (id=133): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10) close(0x3) 2m59.443671226s ago: executing program 4 (id=134): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x46, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x38, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0xd}, @mss={0x2, 0x4, 0x5df4}, @sack={0x5, 0x2}]}}}}}}}, 0x0) 2m59.338600186s ago: executing program 0 (id=135): r0 = syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x81, 0xffffffff}) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001340)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="5500c20b252f", 0x0, 0x2000005, 0x0, 0x2000, 0x0}) 2m59.312101946s ago: executing program 2 (id=136): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0x29}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfffe, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m59.027521353s ago: executing program 1 (id=137): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x20, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}]}]}, 0x20}}, 0x0) 2m58.908340076s ago: executing program 4 (id=138): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="40010000", @ANYRES16=r1, @ANYBLOB="010027bd70000000180001000000080001000000000004000480080002000100000010000c800c000b8008000a00326c3000080108"], 0x140}}, 0x0) 2m58.806259798s ago: executing program 0 (id=139): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) map_shadow_stack(&(0x7f00001bc000/0x2000)=nil, 0x2000, 0x1) 2m58.373651717s ago: executing program 1 (id=140): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="01", 0x1, 0xffffffffffffffff) r1 = add_key$user(&(0x7f0000000140), &(0x7f0000002840)={'syz', 0x0}, &(0x7f0000002880)="f40fc24077021c9b084c60ffc26f26db12b9e78d629870bb26edb4a5e1cc0942ed8c58ca4fe84b94a0e31ea64089ee9ca1efb52945ffebbfea11dd3d0df936a10285eccab940ab5c96cb5d81dac1ad2243d878dde6cfd6ea08d5abcb00bb35436929ddabce530b63fab525337057438cf64a506d54d5c83e3e593d1d53ad0e6a44168fe8cfc6ad98b653d80636e4ddc1f2ab58762b3494250b9557f5b606a43e50874c90143034142cd5f7bd9b4dd876b97b7feb75b9138dde818a3c6b96dd80", 0xc0, 0xfffffffffffffffb) keyctl$dh_compute(0x17, &(0x7f0000000300)={r0, r1, r1}, &(0x7f0000001380)=""/4098, 0x1002, 0x0) 2m58.161847085s ago: executing program 4 (id=141): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) setsockopt$MRT_DONE(r0, 0x0, 0xc9, 0x0, 0x0) 2m58.034871426s ago: executing program 0 (id=142): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)=0x2d265528) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) 2m57.991406083s ago: executing program 2 (id=143): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=@newlink={0x1c8, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1a8, 0x1a, 0x0, 0x1, [@AF_INET={0x1a4, 0x2, 0x0, 0x1, {0x99, 0x1, 0x0, 0x1, [{0x8, 0x21}, {0x8, 0x18}, {0x38, 0x3}, {0x8, 0x9}, {0x8, 0xc}, {0x38, 0x12}, {0x8, 0x1f}]}}, @AF_INET6={0x60, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private1}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFLA_INET6_TOKEN={0xfffffffffffffdb3, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x1}, @IFLA_INET6_ADDR_GEN_MODE={0x5}]}, @AF_BRIDGE={0x4}, @AF_MPLS, @AF_INET6={0x2c, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private0}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x56, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_BRIDGE]}, @IFLA_NUM_RX_QUEUES={0x0, 0x20, 0x4}]}, 0x1c8}}, 0x0) 2m41.717734985s ago: executing program 1 (id=144): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000380)=0x2) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) 2m7.356796009s ago: executing program 32 (id=142): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301) ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000000)=0x2d265528) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) 1m49.973923257s ago: executing program 33 (id=143): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=@newlink={0x1c8, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x1a8, 0x1a, 0x0, 0x1, [@AF_INET={0x1a4, 0x2, 0x0, 0x1, {0x99, 0x1, 0x0, 0x1, [{0x8, 0x21}, {0x8, 0x18}, {0x38, 0x3}, {0x8, 0x9}, {0x8, 0xc}, {0x38, 0x12}, {0x8, 0x1f}]}}, @AF_INET6={0x60, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private1}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFLA_INET6_TOKEN={0xfffffffffffffdb3, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_ADDR_GEN_MODE={0x0, 0x8, 0x1}, @IFLA_INET6_ADDR_GEN_MODE={0x5}]}, @AF_BRIDGE={0x4}, @AF_MPLS, @AF_INET6={0x2c, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private0}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x56, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_BRIDGE]}, @IFLA_NUM_RX_QUEUES={0x0, 0x20, 0x4}]}, 0x1c8}}, 0x0) 46.021841179s ago: executing program 34 (id=120): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000002080)=0x3a, 0x23b) 27.435810831s ago: executing program 35 (id=141): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) setsockopt$MRT_DONE(r0, 0x0, 0xc9, 0x0, 0x0) 0s ago: executing program 36 (id=144): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000380)=0x2) ioctl$PPPIOCSPASS(r0, 0x40107447, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.202' (ED25519) to the list of known hosts. [ 83.190850][ T5824] cgroup: Unknown subsys name 'net' [ 83.434938][ T5824] cgroup: Unknown subsys name 'cpuset' [ 83.510891][ T5824] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 85.142994][ T5824] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.843758][ T1231] cfg80211: failed to load regulatory.db [ 89.134682][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.139029][ T5851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.150434][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.162850][ T5851] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.166470][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.167888][ T5851] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.170920][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.171609][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.171659][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.172861][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.174342][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.174487][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.176126][ T5854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 89.180808][ T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.181601][ T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.186242][ T5155] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.189670][ T5155] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.191708][ T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.241470][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.242351][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.258029][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 89.280553][ T5155] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.287714][ T5155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.288944][ T5155] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.290645][ T5155] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 90.202378][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 90.228996][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 90.269124][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 90.402407][ T5852] chnl_net:caif_netlink_parms(): no params data found [ 90.409822][ T5857] chnl_net:caif_netlink_parms(): no params data found [ 91.241964][ T5155] Bluetooth: hci2: command tx timeout [ 91.241969][ T5843] Bluetooth: hci0: command tx timeout [ 91.264437][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.265486][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.266152][ T5840] bridge_slave_0: entered allmulticast mode [ 91.269193][ T5840] bridge_slave_0: entered promiscuous mode [ 91.311403][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.311551][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.311738][ T5841] bridge_slave_0: entered allmulticast mode [ 91.314533][ T5841] bridge_slave_0: entered promiscuous mode [ 91.320781][ T5843] Bluetooth: hci4: command tx timeout [ 91.320870][ T5155] Bluetooth: hci1: command tx timeout [ 91.320878][ T5843] Bluetooth: hci3: command tx timeout [ 91.424229][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.424332][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.424652][ T5840] bridge_slave_1: entered allmulticast mode [ 91.426165][ T5840] bridge_slave_1: entered promiscuous mode [ 91.601924][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.602138][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.602317][ T5841] bridge_slave_1: entered allmulticast mode [ 91.605131][ T5841] bridge_slave_1: entered promiscuous mode [ 91.606607][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.606741][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.606916][ T5842] bridge_slave_0: entered allmulticast mode [ 91.609631][ T5842] bridge_slave_0: entered promiscuous mode [ 91.951982][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.952123][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.952302][ T5842] bridge_slave_1: entered allmulticast mode [ 91.955059][ T5842] bridge_slave_1: entered promiscuous mode [ 92.063159][ T5852] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.063347][ T5852] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.063851][ T5852] bridge_slave_0: entered allmulticast mode [ 92.065363][ T5852] bridge_slave_0: entered promiscuous mode [ 92.067614][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.067747][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.068238][ T5857] bridge_slave_0: entered allmulticast mode [ 92.070107][ T5857] bridge_slave_0: entered promiscuous mode [ 92.275353][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.275615][ T5852] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.275741][ T5852] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.275908][ T5852] bridge_slave_1: entered allmulticast mode [ 92.277682][ T5852] bridge_slave_1: entered promiscuous mode [ 92.279421][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.279524][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.279632][ T5857] bridge_slave_1: entered allmulticast mode [ 92.283432][ T5857] bridge_slave_1: entered promiscuous mode [ 92.345785][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.423743][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.586290][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.589910][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.879792][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.966202][ T5852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.969419][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.103070][ T5840] team0: Port device team_slave_0 added [ 93.105791][ T5852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.107905][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.109450][ T5841] team0: Port device team_slave_0 added [ 93.235525][ T5840] team0: Port device team_slave_1 added [ 93.320754][ T5843] Bluetooth: hci0: command tx timeout [ 93.320785][ T5843] Bluetooth: hci2: command tx timeout [ 93.400600][ T5843] Bluetooth: hci4: command tx timeout [ 93.400632][ T5843] Bluetooth: hci3: command tx timeout [ 93.400648][ T5843] Bluetooth: hci1: command tx timeout [ 93.410142][ T5841] team0: Port device team_slave_1 added [ 93.412862][ T5842] team0: Port device team_slave_0 added [ 93.952639][ T5842] team0: Port device team_slave_1 added [ 94.052167][ T5852] team0: Port device team_slave_0 added [ 94.055848][ T5857] team0: Port device team_slave_0 added [ 94.218879][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.218890][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.218904][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.225807][ T5852] team0: Port device team_slave_1 added [ 94.228395][ T5857] team0: Port device team_slave_1 added [ 94.229909][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.229922][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.229945][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.324442][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.324459][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.324483][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.472864][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.472880][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.472905][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.474486][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.474498][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.474522][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.658145][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.658162][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.658185][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.735068][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.735084][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.735099][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.736239][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.736253][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.736276][ T5852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.762097][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.762112][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.762138][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.784394][ T5852] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.784416][ T5852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.784440][ T5852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.256955][ T5840] hsr_slave_0: entered promiscuous mode [ 95.257881][ T5840] hsr_slave_1: entered promiscuous mode [ 95.279257][ T5841] hsr_slave_0: entered promiscuous mode [ 95.280162][ T5841] hsr_slave_1: entered promiscuous mode [ 95.281303][ T5841] debugfs: 'hsr0' already exists in 'hsr' [ 95.281423][ T5841] Cannot create hsr debugfs directory [ 95.401854][ T5849] Bluetooth: hci0: command tx timeout [ 95.401888][ T5849] Bluetooth: hci2: command tx timeout [ 95.449562][ T5842] hsr_slave_0: entered promiscuous mode [ 95.451286][ T5842] hsr_slave_1: entered promiscuous mode [ 95.452121][ T5842] debugfs: 'hsr0' already exists in 'hsr' [ 95.452143][ T5842] Cannot create hsr debugfs directory [ 95.480359][ T5843] Bluetooth: hci1: command tx timeout [ 95.480385][ T5843] Bluetooth: hci3: command tx timeout [ 95.480401][ T5843] Bluetooth: hci4: command tx timeout [ 95.749965][ T5857] hsr_slave_0: entered promiscuous mode [ 95.751756][ T5857] hsr_slave_1: entered promiscuous mode [ 95.752961][ T5857] debugfs: 'hsr0' already exists in 'hsr' [ 95.752984][ T5857] Cannot create hsr debugfs directory [ 95.836998][ T5852] hsr_slave_0: entered promiscuous mode [ 95.838595][ T5852] hsr_slave_1: entered promiscuous mode [ 95.842425][ T5852] debugfs: 'hsr0' already exists in 'hsr' [ 95.842450][ T5852] Cannot create hsr debugfs directory [ 97.481055][ T5849] Bluetooth: hci2: command tx timeout [ 97.481086][ T5849] Bluetooth: hci0: command tx timeout [ 97.560552][ T5849] Bluetooth: hci3: command tx timeout [ 97.560581][ T5849] Bluetooth: hci1: command tx timeout [ 97.560622][ T5843] Bluetooth: hci4: command tx timeout [ 97.585393][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.617301][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.645488][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.681203][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.804445][ T5841] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.854000][ T5841] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.918231][ T5841] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.949934][ T5841] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.087954][ T5842] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 98.125865][ T5842] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 98.157612][ T5842] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 98.198470][ T5842] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 98.357893][ T5857] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.406692][ T5857] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.450171][ T5857] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.517301][ T5857] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.619455][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.718841][ T5852] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.749374][ T5852] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.795678][ T5852] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.837924][ T5852] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.869321][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.925080][ T4533] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.925678][ T4533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.991164][ T1314] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.991310][ T1314] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.023363][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.139697][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.182862][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.206558][ T4533] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.206773][ T4533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.259447][ T69] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.259625][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.327229][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.386600][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.386868][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.394182][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.455055][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.455196][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.561485][ T5857] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.633315][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.639809][ T4533] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.639939][ T4533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.689704][ T69] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.689821][ T69] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.789740][ T5852] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.857890][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.858086][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.894295][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.936868][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.937295][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.419844][ T5840] veth0_vlan: entered promiscuous mode [ 100.455154][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.462583][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.496109][ T5840] veth1_vlan: entered promiscuous mode [ 100.653659][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.759901][ T5840] veth0_macvtap: entered promiscuous mode [ 100.808887][ T5840] veth1_macvtap: entered promiscuous mode [ 100.847344][ T5841] veth0_vlan: entered promiscuous mode [ 100.962405][ T5841] veth1_vlan: entered promiscuous mode [ 101.005930][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.051175][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.053849][ T5857] veth0_vlan: entered promiscuous mode [ 101.078747][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.123341][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.125906][ T5857] veth1_vlan: entered promiscuous mode [ 101.149155][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.165375][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.185960][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.333528][ T5841] veth0_macvtap: entered promiscuous mode [ 101.439091][ T5841] veth1_macvtap: entered promiscuous mode [ 101.507876][ T5842] veth0_vlan: entered promiscuous mode [ 101.578821][ T5857] veth0_macvtap: entered promiscuous mode [ 101.596667][ T5852] veth0_vlan: entered promiscuous mode [ 101.612485][ T1314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.612510][ T1314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.636467][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.655467][ T5857] veth1_macvtap: entered promiscuous mode [ 101.659034][ T5842] veth1_vlan: entered promiscuous mode [ 101.704311][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.752148][ T5852] veth1_vlan: entered promiscuous mode [ 101.772196][ T4533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.772214][ T4533] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.774935][ T1140] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.794124][ T1140] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.826522][ T1140] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.840827][ T1140] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.844870][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.934068][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.043972][ T43] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.053058][ T43] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.085185][ T43] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.162200][ T5842] veth0_macvtap: entered promiscuous mode [ 102.216940][ T43] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.241194][ T5842] veth1_macvtap: entered promiscuous mode [ 102.249811][ T5852] veth0_macvtap: entered promiscuous mode [ 102.501012][ T5852] veth1_macvtap: entered promiscuous mode [ 102.507834][ T5964] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8'. [ 102.519280][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.519300][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.683528][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.743840][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.746887][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.800603][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.800620][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.807580][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.876277][ T1140] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.877059][ T5968] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 102.886966][ T1140] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.937079][ T1140] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.956690][ T1140] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.976252][ T1140] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.988195][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.988214][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.989464][ T1140] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.993782][ T1140] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.993827][ T1140] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.338919][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.338939][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.673478][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.673497][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.792366][ T5986] comedi comedi0: Minor 3 could not be opened [ 103.837975][ T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.837994][ T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.001051][ T4533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.001068][ T4533] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.227675][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.227695][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.254149][ T6051] netlink: 16 bytes leftover after parsing attributes in process `syz.3.36'. [ 107.254205][ T6051] netlink: 20 bytes leftover after parsing attributes in process `syz.3.36'. [ 107.474313][ T1231] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 107.685465][ T1231] usb 1-1: config 0 has an invalid interface number: 29 but max is 0 [ 107.685494][ T1231] usb 1-1: config 0 has no interface number 0 [ 107.685528][ T1231] usb 1-1: config 0 interface 29 has no altsetting 0 [ 107.692796][ T1231] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 107.692825][ T1231] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.692844][ T1231] usb 1-1: Product: syz [ 107.692865][ T1231] usb 1-1: Manufacturer: syz [ 107.692879][ T1231] usb 1-1: SerialNumber: syz [ 107.810392][ T1231] usb 1-1: config 0 descriptor?? [ 108.117194][ T1231] peak_usb 1-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels) [ 108.333274][ T1231] peak_usb 1-1:0.29 can0: sending command failure: -22 [ 108.333303][ T1231] peak_usb 1-1:0.29 can0: sending command failure: -22 [ 108.333325][ T1231] peak_usb 1-1:0.29 can0: sending command failure: -22 [ 108.756121][ T1231] peak_usb 1-1:0.29: probe with driver peak_usb failed with error -22 [ 108.911628][ T1231] usb 1-1: USB disconnect, device number 2 [ 109.534089][ T6110] atomic_op ffff888028ed3a18 conn xmit_atomic 0000000000000000 [ 109.990835][ T6125] netlink: 'syz.3.62': attribute type 3 has an invalid length. [ 110.155950][ T6130] tipc: Enabling of bearer rejected, failed to enable media [ 111.249417][ T6165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.78'. [ 111.249440][ T6165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.78'. [ 111.249463][ T6165] netlink: 'syz.4.78': attribute type 7 has an invalid length. [ 111.535114][ T6174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.92'. [ 111.535148][ T6174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.92'. [ 111.886104][ T6180] sp0: Synchronizing with TNC [ 111.941050][ T6189] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 112.417566][ T5999] IPVS: starting estimator thread 0... [ 112.424622][ T6200] IPVS: sh: UDP 0.0.0.0:0 - no destination available [ 112.522606][ T6201] IPVS: using max 8 ests per chain, 19200 per kthread [ 112.948626][ T6223] netlink: 'syz.3.98': attribute type 2 has an invalid length. [ 113.560367][ T6244] vim2m vim2m.0: vidioc_s_fmt queue busy [ 113.811659][ T6249] warning: `syz.0.110' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 114.206351][ T6262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.115'. [ 116.821118][ T6318] netlink: 260 bytes leftover after parsing attributes in process `syz.4.138'. [ 117.546264][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.603275][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.622227][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.656852][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.806828][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.857091][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.925095][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.005914][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.114256][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.176369][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.225113][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.277451][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.366078][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.484553][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.521647][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.555652][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.616181][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.676747][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.707161][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.771671][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.806082][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.905295][ C0] vkms_vblank_simulate: vblank timer overrun [ 118.995749][ C0] vkms_vblank_simulate: vblank timer overrun [ 123.356441][ T6334] netlink: 260 bytes leftover after parsing attributes in process `syz.2.143'. [ 123.356470][ T6334] netlink: 260 bytes leftover after parsing attributes in process `syz.2.143'. [ 123.800244][ C1] sched: DL replenish lagged too much [ 129.594538][ T6334] syz.2.143 (6334) used greatest stack depth: 17976 bytes left [ 138.495820][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 146.147539][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 164.833222][ T6276] syz.3.120 (6276): drop_caches: 1 [ 200.443993][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 212.857229][ T5851] Bluetooth: hci3: command 0x0406 tx timeout [ 212.857462][ T5851] Bluetooth: hci0: command 0x0406 tx timeout [ 212.857584][ T5851] Bluetooth: hci2: command 0x0406 tx timeout [ 212.857662][ T5851] Bluetooth: hci1: command 0x0406 tx timeout [ 213.559717][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 213.834208][ T5851] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 213.847155][ T5851] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 213.848197][ T5851] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 213.849357][ T5851] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 213.850130][ T5851] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 221.503062][ T5848] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 223.644575][ T6388] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 243.485287][ T5856] Bluetooth: hci4: command 0x0406 tx timeout [ 244.059214][ T5851] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 244.065715][ T5851] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 246.061784][ T5851] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 247.390325][ T5851] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 250.520348][ T5851] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 260.613395][ T5155] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 260.615116][ T5155] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 260.615516][ T5155] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 260.616679][ T5155] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 261.811506][ T5155] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 264.873623][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 264.885968][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 304.467623][ T6430] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 307.245534][ T6430] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 307.720190][ T6430] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 311.457337][ T6430] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 311.458244][ T6430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 322.850296][ T6430] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 325.129692][ T6430] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 325.313228][ T6430] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 325.315466][ T6430] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 325.316263][ T6430] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 329.505759][ T6430] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 329.517777][ T6430] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 329.518774][ T6430] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 329.519200][ T6430] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 329.521186][ T6430] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 329.521998][ T6430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 330.349991][ T1324] ieee802154 phy0 wpan0: encryption failed: -22 [ 330.479538][ T1324] ieee802154 phy1 wpan1: encryption failed: -22 [ 330.573912][ T5855] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 332.612117][ T6430] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 333.914293][ T6430] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 333.918605][ T6430] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 335.322367][ T6453] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 335.653274][ T6453] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 335.655945][ T6453] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 335.656926][ T6453] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 335.658110][ T6453] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 335.658892][ T6453] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 335.660392][ T6453] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 335.662489][ T6453] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 335.663293][ T6453] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 337.414999][ T6439] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 337.479335][ T6446] Bluetooth: hci9: Opcode 0x0c03 failed: -4 [ 341.756568][ T5856] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 342.755360][ T5856] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 343.243544][ T5856] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 343.806641][ T5856] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 343.807415][ T5856] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 355.232775][ T6459] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 356.339374][ T6459] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 357.313398][ T6459] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 357.463391][ T6459] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 357.464200][ T6459] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 371.679497][ T38] INFO: task kworker/0:2:1231 blocked for more than 144 seconds. [ 371.679526][ T38] Not tainted syzkaller #0 [ 371.679536][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.679549][ T38] task:kworker/0:2 state:D stack:20808 pid:1231 tgid:1231 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 371.679605][ T38] Workqueue: events reg_todo [ 371.679641][ T38] Call Trace: [ 371.679648][ T38] [ 371.679662][ T38] __schedule+0x16f3/0x4c20 [ 371.679703][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.679741][ T38] ? __pfx___schedule+0x10/0x10 [ 371.679791][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.679810][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.679847][ T38] ? rt_mutex_slowlock_block+0x351/0x6d0 [ 371.679874][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.679909][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.679932][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.679953][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.679987][ T38] ? reg_process_self_managed_hints+0xaf/0x1c0 [ 371.680021][ T38] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 371.680050][ T38] ? reg_process_self_managed_hints+0xaf/0x1c0 [ 371.680075][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.692280][ T38] reg_process_self_managed_hints+0xaf/0x1c0 [ 371.692325][ T38] reg_todo+0x7bc/0x8c0 [ 371.692345][ T38] ? reg_todo+0x2fa/0x8c0 [ 371.692360][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.692386][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.692409][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.692434][ T38] process_scheduled_works+0xade/0x17b0 [ 371.692488][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.692530][ T38] worker_thread+0x8a0/0xda0 [ 371.692557][ T38] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 371.692593][ T38] ? __kthread_parkme+0x7b/0x200 [ 371.692628][ T38] kthread+0x70e/0x8a0 [ 371.692659][ T38] ? __pfx_worker_thread+0x10/0x10 [ 371.692681][ T38] ? __pfx_kthread+0x10/0x10 [ 371.692713][ T38] ? __pfx_kthread+0x10/0x10 [ 371.692741][ T38] ret_from_fork+0x3f9/0x770 [ 371.692768][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 371.692799][ T38] ? __switch_to_asm+0x39/0x70 [ 371.692817][ T38] ? __switch_to_asm+0x33/0x70 [ 371.692833][ T38] ? __pfx_kthread+0x10/0x10 [ 371.692861][ T38] ret_from_fork_asm+0x1a/0x30 [ 371.692903][ T38] [ 371.692970][ T38] INFO: task kworker/u9:2:5843 blocked for more than 144 seconds. [ 371.692985][ T38] Not tainted syzkaller #0 [ 371.692994][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.693003][ T38] task:kworker/u9:2 state:D stack:26216 pid:5843 tgid:5843 ppid:2 task_flags:0x42[ 371.693003][ T38] task:kworker/u9:2 state:D stack:26216 pid:5843 tgid:5843 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 371.693055][ T38] Workqueue: hci3 hci_cmd_sync_work [ 371.693076][ T38] Call Trace: [ 371.693093][ T38] [ 371.693105][ T38] __schedule+0x16f3/0x4c20 [ 371.693157][ T38] ? __pfx___schedule+0x10/0x10 [ 371.693200][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.693230][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.693248][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.693271][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 371.693311][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.693337][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.693361][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.693381][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.693417][ T38] ? hci_conn_failed+0x165/0x310 [ 371.693449][ T38] ? __pfx_mgmt_connect_failed+0x10/0x10 [ 371.693474][ T38] ? hci_conn_failed+0x165/0x310 [ 371.693498][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.693525][ T38] hci_conn_failed+0x165/0x310 [ 371.693555][ T38] ? hci_abort_conn_sync+0x24e/0xe30 [ 371.693579][ T38] hci_abort_conn_sync+0x658/0xe30 [ 371.693616][ T38] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 371.693646][ T38] ? hci_conn_valid+0x21/0x230 [ 371.693665][ T38] ? hci_conn_valid+0x21/0x230 [ 371.693683][ T38] ? hci_conn_valid+0x21/0x230 [ 371.693703][ T38] ? hci_conn_valid+0x211/0x230 [ 371.693723][ T38] ? __pfx_abort_conn_sync+0x10/0x10 [ 371.693745][ T38] hci_cmd_sync_work+0x210/0x3a0 [ 371.693771][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.693796][ T38] process_scheduled_works+0xade/0x17b0 [ 371.693850][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.693902][ T38] worker_thread+0x8a0/0xda0 [ 371.693954][ T38] kthread+0x70e/0x8a0 [ 371.693984][ T38] ? __pfx_worker_thread+0x10/0x10 [ 371.694007][ T38] ? __pfx_kthread+0x10/0x10 [ 371.694039][ T38] ? __pfx_kthread+0x10/0x10 [ 371.694067][ T38] ret_from_fork+0x3f9/0x770 [ 371.694093][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 371.694124][ T38] ? __switch_to_asm+0x39/0x70 [ 371.694140][ T38] ? __switch_to_asm+0x33/0x70 [ 371.694157][ T38] ? __pfx_kthread+0x10/0x10 [ 371.694191][ T38] ret_from_fork_asm+0x1a/0x30 [ 371.694226][ T38] [ 371.694234][ T38] INFO: task kworker/0:3:5844 blocked for more than 144 seconds. [ 371.694247][ T38] Not tainted syzkaller #0 [ 371.694257][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.694265][ T38] task:kworker/0:3 state:D stack:21640 pid:5844 tgid:5844 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 371.694310][ T38] Workqueue: events_power_efficient reg_check_chans_work [ 371.694336][ T38] Call Trace: [ 371.694342][ T38] [ 371.694354][ T38] __schedule+0x16f3/0x4c20 [ 371.694391][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.694432][ T38] ? __pfx___schedule+0x10/0x10 [ 371.694477][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.694507][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.694525][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.694547][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 371.694587][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.694612][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.694634][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.694653][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.694689][ T38] ? reg_check_chans_work+0x95/0xf30 [ 371.694721][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.694750][ T38] ? reg_check_chans_work+0x95/0xf30 [ 371.694775][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.694796][ T38] ? do_raw_spin_lock+0x121/0x290 [ 371.694822][ T38] reg_check_chans_work+0x95/0xf30 [ 371.694855][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.694894][ T38] ? __pfx_reg_check_chans_work+0x10/0x10 [ 371.694921][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.694951][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.694976][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.694998][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.695024][ T38] process_scheduled_works+0xade/0x17b0 [ 371.695077][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.695119][ T38] worker_thread+0x8a0/0xda0 [ 371.695156][ T38] ? __kthread_parkme+0x7b/0x200 [ 371.695191][ T38] kthread+0x70e/0x8a0 [ 371.695222][ T38] ? __pfx_worker_thread+0x10/0x10 [ 371.695244][ T38] ? __pfx_kthread+0x10/0x10 [ 371.695277][ T38] ? __pfx_kthread+0x10/0x10 [ 371.695304][ T38] ret_from_fork+0x3f9/0x770 [ 371.695331][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 371.695362][ T38] ? __switch_to_asm+0x39/0x70 [ 371.695379][ T38] ? __switch_to_asm+0x33/0x70 [ 371.695396][ T38] ? __pfx_kthread+0x10/0x10 [ 371.695424][ T38] ret_from_fork_asm+0x1a/0x30 [ 371.695459][ T38] [ 371.695469][ T38] INFO: task kworker/u9:6:5854 blocked for more than 144 seconds. [ 371.695481][ T38] Not tainted syzkaller #0 [ 371.695490][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.695499][ T38] task:kworker/u9:6 state:D stack:25744 pid:5854 tgid:5854 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 371.695546][ T38] Workqueue: hci0 hci_cmd_sync_work [ 371.695564][ T38] Call Trace: [ 371.695570][ T38] [ 371.695582][ T38] __schedule+0x16f3/0x4c20 [ 371.695634][ T38] ? __pfx___schedule+0x10/0x10 [ 371.695679][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.695708][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.695726][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.695749][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 371.695789][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.695814][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.695837][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.695857][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.695899][ T38] ? hci_conn_failed+0x165/0x310 [ 371.695931][ T38] ? __pfx_mgmt_connect_failed+0x10/0x10 [ 371.695956][ T38] ? hci_conn_failed+0x165/0x310 [ 371.695980][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.696008][ T38] hci_conn_failed+0x165/0x310 [ 371.696036][ T38] ? hci_abort_conn_sync+0x24e/0xe30 [ 371.696060][ T38] hci_abort_conn_sync+0x658/0xe30 [ 371.696097][ T38] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 371.696126][ T38] ? hci_conn_valid+0x21/0x230 [ 371.696143][ T38] ? hci_conn_valid+0x21/0x230 [ 371.696161][ T38] ? hci_conn_valid+0x21/0x230 [ 371.696181][ T38] ? hci_conn_valid+0x211/0x230 [ 371.696201][ T38] ? __pfx_abort_conn_sync+0x10/0x10 [ 371.696223][ T38] hci_cmd_sync_work+0x210/0x3a0 [ 371.696248][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.696273][ T38] process_scheduled_works+0xade/0x17b0 [ 371.696327][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.696368][ T38] worker_thread+0x8a0/0xda0 [ 371.696420][ T38] kthread+0x70e/0x8a0 [ 371.696450][ T38] ? __pfx_worker_thread+0x10/0x10 [ 371.696473][ T38] ? __pfx_kthread+0x10/0x10 [ 371.696505][ T38] ? __pfx_kthread+0x10/0x10 [ 371.696533][ T38] ret_from_fork+0x3f9/0x770 [ 371.696559][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 371.696590][ T38] ? __switch_to_asm+0x39/0x70 [ 371.696607][ T38] ? __switch_to_asm+0x33/0x70 [ 371.696623][ T38] ? __pfx_kthread+0x10/0x10 [ 371.696651][ T38] ret_from_fork_asm+0x1a/0x30 [ 371.696696][ T38] [ 371.696733][ T38] INFO: task kworker/u8:27:6350 blocked for more than 144 seconds. [ 371.696745][ T38] Not tainted syzkaller #0 [ 371.696755][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.696763][ T38] task:kworker/u8:27 state:D stack:21952 pid:6350 tgid:6350 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 371.696808][ T38] Workqueue: ipv6_addrconf addrconf_verify_work [ 371.696830][ T38] Call Trace: [ 371.696836][ T38] [ 371.696848][ T38] __schedule+0x16f3/0x4c20 [ 371.696892][ T38] ? __lock_acquire+0xab9/0xd20 [ 371.696940][ T38] ? __pfx___schedule+0x10/0x10 [ 371.696985][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.697015][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.697033][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.697056][ T38] ? task_blocks_on_rt_mutex+0xf04/0x1380 [ 371.697096][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.697121][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.697143][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.697176][ T38] ? addrconf_verify_work+0x19/0x30 [ 371.697207][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.697233][ T38] ? addrconf_verify_work+0x19/0x30 [ 371.697254][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.697275][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.697303][ T38] addrconf_verify_work+0x19/0x30 [ 371.697325][ T38] ? process_scheduled_works+0x9ef/0x17b0 [ 371.697346][ T38] process_scheduled_works+0xade/0x17b0 [ 371.697400][ T38] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.697441][ T38] worker_thread+0x8a0/0xda0 [ 371.697493][ T38] kthread+0x70e/0x8a0 [ 371.697523][ T38] ? __pfx_worker_thread+0x10/0x10 [ 371.697545][ T38] ? __pfx_kthread+0x10/0x10 [ 371.697577][ T38] ? __pfx_kthread+0x10/0x10 [ 371.697605][ T38] ret_from_fork+0x3f9/0x770 [ 371.697632][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 371.697663][ T38] ? __switch_to_asm+0x39/0x70 [ 371.697680][ T38] ? __switch_to_asm+0x33/0x70 [ 371.697696][ T38] ? __pfx_kthread+0x10/0x10 [ 371.697724][ T38] ret_from_fork_asm+0x1a/0x30 [ 371.697759][ T38] [ 371.697772][ T38] INFO: task syz.1.144:6374 blocked for more than 144 seconds. [ 371.697785][ T38] Not tainted syzkaller #0 [ 371.697794][ T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 371.697803][ T38] task:syz.1.144 state:D stack:29224 pid:6374 tgid:6372 ppid:5841 task_flags:0x400040 flags:0x00004006 [ 371.697851][ T38] Call Trace: [ 371.697857][ T38] [ 371.697869][ T38] __schedule+0x16f3/0x4c20 [ 371.697915][ T38] ? __switch_to+0xdae/0x1670 [ 371.697945][ T38] ? __pfx___schedule+0x10/0x10 [ 371.697989][ T38] ? _raw_spin_unlock_irq+0x23/0x50 [ 371.698019][ T38] rt_mutex_schedule+0x77/0xf0 [ 371.698037][ T38] rt_mutex_slowlock_block+0x5ba/0x6d0 [ 371.698060][ T38] ? task_blocks_on_rt_mutex+0xf12/0x1380 [ 371.698100][ T38] rt_mutex_slowlock+0x2b1/0x6e0 [ 371.698125][ T38] ? rt_mutex_slowlock+0x1c9/0x6e0 [ 371.698148][ T38] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 371.698181][ T38] ? ppp_release+0x8a/0x1f0 [ 371.698207][ T38] ? __pfx___fsnotify_parent+0x10/0x10 [ 371.698230][ T38] ? do_raw_spin_lock+0x121/0x290 [ 371.698254][ T38] ? ppp_release+0x8a/0x1f0 [ 371.698267][ T38] mutex_lock_nested+0x16a/0x1d0 [ 371.698301][ T38] ppp_release+0x8a/0x1f0 [ 371.698320][ T38] ? __pfx_ppp_release+0x10/0x10 [ 371.698338][ T38] __fput+0x45b/0xa80 [ 371.698370][ T38] task_work_run+0x1d4/0x260 [ 371.698393][ T38] ? __pfx_task_work_run+0x10/0x10 [ 371.698424][ T38] get_signal+0x11c5/0x1310 [ 371.698471][ T38] arch_do_signal_or_restart+0x9a/0x750 [ 371.698494][ T38] ? __pfx_task_work_add+0x10/0x10 [ 371.698516][ T38] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 371.698537][ T38] ? __pfx_ppp_ioctl+0x10/0x10 [ 371.698561][ T38] ? __fget_files+0x2a/0x420 [ 371.698593][ T38] ? exit_to_user_mode_loop+0x40/0x110 [ 371.698622][ T38] exit_to_user_mode_loop+0x75/0x110 [ 371.698647][ T38] do_syscall_64+0x2bd/0x3b0 [ 371.698665][ T38] ? lockdep_hardirqs_on+0x9c/0x150 [ 371.698691][ T38] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.698710][ T38] ? clear_bhb_loop+0x60/0xb0 [ 371.698733][ T38] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.698764][ T38] RIP: 0033:0x7fa52450eba9 [ 371.698785][ T38] RSP: 002b:00007fa52274d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.698804][ T38] RAX: fffffffffffffff2 RBX: 00007fa524756090 RCX: 00007fa52450eba9 [ 371.698818][ T38] RDX: 0000000000000000 RSI: 0000000040107447 RDI: 0000000000000003 [ 371.698830][ T38] RBP: 00007fa524591e19 R08: 0000000000000000 R09: 0000000000000000 [ 371.698842][ T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.698854][ T38] R13: 00007fa524756128 R14: 00007fa524756090 R15: 00007fff18399ca8 [ 371.698892][ T38] [ 371.698927][ T38] [ 371.698927][ T38] Showing all locks held in the system: [ 371.698936][ T38] 4 locks held by kworker/0:0/9: [ 371.698947][ T38] #0: ffff88805b407938 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.699001][ T38] #1: ffffc900000e7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.699063][ T38] #2: ffff88805b62d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900 [ 371.699112][ T38] #3: ffff88805cff6350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900 [ 371.699159][ T38] 4 locks held by kworker/0:1/10: [ 371.699170][ T38] 4 locks held by kworker/u8:0/12: [ 371.699181][ T38] #0: ffff88803966e938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.699232][ T38] #1: ffffc90000117bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.699280][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.699327][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.699374][ T38] 5 locks held by kworker/u8:1/13: [ 371.699384][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.699431][ T38] #1: ffffc90000127bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.699478][ T38] #2: ffff88805fec0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.699527][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.699572][ T38] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.699620][ T38] 2 locks held by ksoftirqd/0/15: [ 371.699630][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.699675][ T38] #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.699724][ T38] 4 locks held by kworker/1:0/31: [ 371.699736][ T38] 1 lock held by khungtaskd/38: [ 371.699746][ T38] #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 371.699790][ T38] 5 locks held by kworker/u8:2/43: [ 371.699800][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.699847][ T38] #1: ffffc90000b47bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.699900][ T38] #2: ffff88805e820898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.699948][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.699993][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.700047][ T38] 4 locks held by kworker/1:1/49: [ 371.700058][ T38] #0: ffff88805b407938 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.712296][ T38] #1: ffffc90000bb7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.712374][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.712421][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.712470][ T38] 7 locks held by kworker/u8:3/57: [ 371.712480][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.712528][ T38] #1: ffffc9000123fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.712576][ T38] #2: ffff88805ccd5300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 371.712628][ T38] #3: ffff88805cdc2120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 371.712679][ T38] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 371.712727][ T38] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.712772][ T38] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.712820][ T38] 6 locks held by kworker/u9:0/59: [ 371.712830][ T38] #0: ffff8880302f6938 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.712877][ T38] #1: ffffc9000125fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.712931][ T38] #2: ffff888036470e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 371.712976][ T38] #3: ffff8880364700a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 371.713025][ T38] #4: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 371.713075][ T38] #5: ffff888036142358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 371.713131][ T38] 5 locks held by kworker/u8:4/69: [ 371.713141][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.713188][ T38] #1: ffffc9000152fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.713235][ T38] #2: ffff88805ecf0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.713284][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.713329][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.713384][ T38] 5 locks held by kworker/u8:6/1108: [ 371.713395][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.713442][ T38] #1: ffffc90004d8fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.713489][ T38] #2: ffff88805de60898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.713536][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.713582][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.713629][ T38] 5 locks held by kworker/u8:7/1140: [ 371.713640][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.713686][ T38] #1: ffffc90004e7fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.713732][ T38] #2: ffff88805f480898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.713781][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.713827][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.713874][ T38] 4 locks held by kworker/0:2/1231: [ 371.713894][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.713941][ T38] #1: ffffc90004e2fbc0 (reg_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.713987][ T38] #2: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: reg_todo+0x1c/0x8c0 [ 371.714028][ T38] #3: ffff88805fec0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_process_self_managed_hints+0xaf/0x1c0 [ 371.714080][ T38] 5 locks held by kworker/u8:8/1314: [ 371.714091][ T38] #0: ffff88814d9da938 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.714137][ T38] #1: ffffc9000544fbc0 ((work_completion)(&(&forw_packet_aggr->delayed_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.714190][ T38] #2: ffff88802817a910 (&hard_iface->bat_iv.ogm_buff_mutex){+.+.}-{4:4}, at: batadv_iv_ogm_schedule+0xea/0xf00 [ 371.714241][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.714287][ T38] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.714335][ T38] 5 locks held by kworker/u8:9/1444: [ 371.714345][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.714392][ T38] #1: ffffc9000564fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.714439][ T38] #2: ffff88805fa30898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.714487][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.714533][ T38] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.714592][ T38] 5 locks held by kworker/u8:10/3634: [ 371.714602][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.714649][ T38] #1: ffffc9000dddfbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.714697][ T38] #2: ffff88805fc70898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.714745][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.714800][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.714847][ T38] 5 locks held by kworker/u8:11/4533: [ 371.714857][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.714910][ T38] #1: ffffc9000f4afbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.714957][ T38] #2: ffff88805ead0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.715006][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.715050][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.715097][ T38] 5 locks held by kworker/u8:12/5121: [ 371.715108][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.715154][ T38] #1: ffffc9000feefbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.715201][ T38] #2: ffff88805f820898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.715249][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.715295][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.715343][ T38] 4 locks held by kworker/u9:1/5155: [ 371.715353][ T38] #0: ffff888044596938 ((wq_completion)hci6#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.715405][ T38] #1: ffffc9001009fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.715452][ T38] #2: ffff88805bad40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 371.715498][ T38] #3: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 371.715546][ T38] 3 locks held by udevd/5206: [ 371.715556][ T38] #0: ffff8880249b8350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: netlink_insert+0xd3/0x1370 [ 371.715603][ T38] #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.715649][ T38] #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.715695][ T38] 2 locks held by dhcpcd/5501: [ 371.715705][ T38] #0: ffff88802fba4910 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0 [ 371.715753][ T38] #1: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200 [ 371.715803][ T38] 2 locks held by getty/5599: [ 371.715813][ T38] #0: ffff88823bf428a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 371.715864][ T38] #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410 [ 371.715917][ T38] 1 lock held by dhcpcd/5636: [ 371.715927][ T38] #0: ffff88803a73ee78 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 371.715979][ T38] 6 locks held by syz-executor/5824: [ 371.715989][ T38] #0: ffff8880324fa1d0 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_recvmsg+0xd3/0x560 [ 371.716043][ T38] #1: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: __ip_queue_xmit+0x63/0x1b00 [ 371.716086][ T38] #2: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: ip_output+0x60/0x3c0 [ 371.716128][ T38] #3: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: ip_finish_output2+0x452/0x11d0 [ 371.716171][ T38] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.716216][ T38] #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.716263][ T38] 5 locks held by kworker/u9:2/5843: [ 371.716274][ T38] #0: ffff88802687a138 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.716321][ T38] #1: ffffc90004c4fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.716368][ T38] #2: ffff88802370ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 371.716412][ T38] #3: ffff88802370c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 371.716460][ T38] #4: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 371.716515][ T38] 3 locks held by kworker/0:3/5844: [ 371.716526][ T38] #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.716574][ T38] #1: ffffc90004c9fbc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.716620][ T38] #2: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30 [ 371.716670][ T38] 5 locks held by kworker/u9:3/5848: [ 371.716681][ T38] #0: ffff88802687e938 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.716728][ T38] #1: ffffc90004d0fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.716772][ T38] #2: ffff888058bcce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 371.716814][ T38] #3: ffff888058bcc0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 371.716862][ T38] #4: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 371.716918][ T38] 4 locks held by kworker/u9:4/5849: [ 371.716929][ T38] #0: ffff888034317938 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.716975][ T38] #1: ffffc90004d1fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.717023][ T38] #2: ffff888032a14e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 371.717067][ T38] #3: ffff888032a140a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 371.717116][ T38] 4 locks held by kworker/u9:5/5851: [ 371.717126][ T38] #0: ffff88814d89d138 ((wq_completion)krxrpcd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.717173][ T38] #1: ffffc90004d3fbc0 ((work_completion)(&rxnet->peer_keepalive_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.717220][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.717266][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.717314][ T38] 5 locks held by kworker/u9:6/5854: [ 371.717325][ T38] #0: ffff88802687b138 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.717371][ T38] #1: ffffc90004d5fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.717418][ T38] #2: ffff888038b2ce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0 [ 371.717462][ T38] #3: ffff888038b2c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30 [ 371.717511][ T38] #4: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310 [ 371.717561][ T38] 4 locks held by kworker/u9:7/5855: [ 371.717571][ T38] #0: ffff888060632938 ((wq_completion)hci7#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.717622][ T38] #1: ffffc90004d6fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.717669][ T38] #2: ffff888057f400a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 371.717715][ T38] #3: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 371.717762][ T38] 4 locks held by kworker/u9:8/5856: [ 371.717772][ T38] #0: ffff8880279a4138 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.717824][ T38] #1: ffffc90004d7fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.717870][ T38] #2: ffff88806e1180a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 371.717923][ T38] #3: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 371.717974][ T38] 2 locks held by napi/wg2-0/5906: [ 371.717985][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.718031][ T38] #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.718079][ T38] 6 locks held by kworker/0:4/5914: [ 371.718090][ T38] #0: ffff88805b5c4d38 ((wq_completion)wg-kex-wg2#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.718140][ T38] #1: ffffc9000518fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.718208][ T38] #2: ffff88805b9515f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970 [ 371.718256][ T38] #3: ffff888023be03f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970 [ 371.718302][ T38] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.718356][ T38] #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.718404][ T38] 2 locks held by napi/wg1-0/5925: [ 371.718414][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.718460][ T38] #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.718506][ T38] 2 locks held by kworker/1:5/5926: [ 371.718517][ T38] #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.718563][ T38] #1: ffffc9000528fbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.718610][ T38] 2 locks held by napi/wg2-0/5928: [ 371.718621][ T38] #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.718667][ T38] #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.718714][ T38] 8 locks held by kworker/0:5/5999: [ 371.718725][ T38] 4 locks held by kworker/1:7/6038: [ 371.718735][ T38] #0: ffff88805b59ad38 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.718787][ T38] #1: ffffc9000533fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.718848][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.718900][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.718946][ T38] 4 locks held by kworker/1:8/6326: [ 371.718957][ T38] #0: ffff88805ae78538 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.719008][ T38] #1: ffffc9000573fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.719069][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.719116][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.719162][ T38] 5 locks held by kworker/u8:13/6330: [ 371.719172][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.719219][ T38] #1: ffffc9000575fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.719266][ T38] #2: ffff88805e590898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470 [ 371.719315][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.719361][ T38] #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.719408][ T38] 7 locks held by kworker/u8:14/6331: [ 371.719418][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.719465][ T38] #1: ffffc90005cdfbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.719514][ T38] #2: ffff88805cf90300 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 371.719570][ T38] #3: ffff88805cf4f120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 371.719621][ T38] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 371.719666][ T38] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.719712][ T38] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.719760][ T38] 7 locks held by kworker/u8:16/6337: [ 371.719770][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 371.719817][ T38] #1: ffffc900056dfbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 371.719865][ T38] #2: ffff88805d6b5300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 371.719926][ T38] #3: ffff88805d6e7120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 371.719977][ T38] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 371.720022][ T38] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 371.720067][ T38] #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 371.760140][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 371.760167][ C0] rcu: 0-....: (1 GPs behind) idle=badc/1/0x4000000000000000 softirq=0/0 fqs=385 rcuc=14723 jiffies(starved) [ 371.760194][ C0] rcu: hardirqs softirqs csw/system [ 371.760201][ C0] rcu: number: 6341 10956 5974 [ 371.760213][ C0] rcu: cputime: 181 49396 2548 ==> 52150(ms) [ 371.760226][ C0] rcu: (t=10500 jiffies g=11417 q=634390 ncpus=2) [ 371.760263][ C0] CPU: 0 UID: 0 PID: 5999 Comm: kworker/0:5 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 371.760309][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 371.760333][ C0] Workqueue: events_power_efficient neigh_periodic_work [ 371.760364][ C0] RIP: 0010:lock_acquire+0x175/0x360 [ 371.760388][ C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 1b 1c 5a 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e [ 371.760401][ C0] RSP: 0018:ffffc900053fe518 EFLAGS: 00000206 [ 371.760416][ C0] RAX: 4bf04398f2383d00 RBX: 0000000000000000 RCX: 4bf04398f2383d00 [ 371.760428][ C0] RDX: 0000000000000000 RSI: ffffffff8d21a502 RDI: ffffffff8b621000 [ 371.760440][ C0] RBP: ffffffff8172b165 R08: 0000000000000000 R09: ffffffff8172b165 [ 371.760452][ C0] R10: ffffc900053fe6d8 R11: ffffffff81aae2f0 R12: 0000000000000002 [ 371.760464][ C0] R13: ffffffff8d9a8bc0 R14: 0000000000000000 R15: 0000000000000246 [ 371.760476][ C0] FS: 0000000000000000(0000) GS:ffff8881268bf000(0000) knlGS:0000000000000000 [ 371.760490][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 371.760502][ C0] CR2: 00007f5cbb925000 CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 371.760517][ C0] Call Trace: [ 371.760524][ C0] [ 371.760540][ C0] ? unwind_next_frame+0xa5/0x2390 [ 371.760563][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 371.760585][ C0] ? unwind_next_frame+0xa5/0x2390 [ 371.760607][ C0] unwind_next_frame+0xc2/0x2390 [ 371.760629][ C0] ? unwind_next_frame+0xa5/0x2390 [ 371.760657][ C0] ? unwind_next_frame+0xa5/0x2390 [ 371.760680][ C0] ? kasan_save_track+0x3e/0x80 [ 371.760703][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 371.760723][ C0] arch_stack_walk+0x11c/0x150 [ 371.760771][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 371.760796][ C0] stack_trace_save+0x9c/0xe0 [ 371.760815][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 371.760831][ C0] ? do_raw_spin_lock+0x121/0x290 [ 371.760861][ C0] kasan_save_track+0x3e/0x80 [ 371.760879][ C0] ? kasan_save_track+0x3e/0x80 [ 371.760896][ C0] ? __kasan_slab_alloc+0x6c/0x80 [ 371.760965][ C0] ? kmalloc_reserve+0xbd/0x290 [ 371.760992][ C0] __kasan_slab_alloc+0x6c/0x80 [ 371.761013][ C0] ? kmalloc_reserve+0xbd/0x290 [ 371.761035][ C0] kmem_cache_alloc_node_noprof+0x14e/0x330 [ 371.761066][ C0] kmalloc_reserve+0xbd/0x290 [ 371.761094][ C0] __alloc_skb+0x142/0x2d0 [ 371.761121][ C0] synproxy_send_client_synack+0x16c/0xe20 [ 371.761166][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 371.761190][ C0] ? nft_jhash_eval+0x770/0xa80 [ 371.761214][ C0] ? synproxy_pernet+0x45/0x270 [ 371.761239][ C0] nft_synproxy_eval_v4+0x36e/0x560 [ 371.761265][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 371.761286][ C0] ? nf_ip_checksum+0x13c/0x510 [ 371.761308][ C0] nft_synproxy_do_eval+0x345/0x570 [ 371.761333][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 371.761369][ C0] nft_do_chain+0x409/0x1920 [ 371.761403][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 371.761429][ C0] ? __lock_acquire+0xab9/0xd20 [ 371.761480][ C0] nft_do_chain_inet+0x25d/0x340 [ 371.761499][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 371.761516][ C0] ? __lock_acquire+0xab9/0xd20 [ 371.761549][ C0] ? NF_HOOK+0x9a/0x3a0 [ 371.761573][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 371.761593][ C0] nf_hook_slow+0xc2/0x220 [ 371.761621][ C0] NF_HOOK+0x206/0x3a0 [ 371.761645][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 371.761668][ C0] ? NF_HOOK+0x9a/0x3a0 [ 371.761689][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 371.761708][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 371.761734][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 371.761758][ C0] ? skb_dst+0x4f/0xd0 [ 371.761781][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 371.761808][ C0] NF_HOOK+0x30c/0x3a0 [ 371.761831][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 371.761853][ C0] ? NF_HOOK+0x9a/0x3a0 [ 371.761874][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 371.761898][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 371.761932][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 371.761953][ C0] __netif_receive_skb+0x143/0x380 [ 371.761974][ C0] ? rt_spin_unlock+0x65/0x80 [ 371.761999][ C0] ? process_backlog+0x27b/0x900 [ 371.762020][ C0] process_backlog+0x31e/0x900 [ 371.762055][ C0] __napi_poll+0xb3/0x540 [ 371.762081][ C0] net_rx_action+0x707/0xe00 [ 371.762101][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 371.762145][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 371.762171][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 371.762204][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 371.762238][ C0] handle_softirqs+0x22f/0x710 [ 371.762269][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 371.762302][ C0] __local_bh_enable_ip+0x179/0x270 [ 371.762323][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 371.762344][ C0] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 371.762364][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 371.762399][ C0] ? neigh_periodic_work+0x57/0xe90 [ 371.762423][ C0] neigh_periodic_work+0xc37/0xe90 [ 371.762449][ C0] ? neigh_periodic_work+0x57/0xe90 [ 371.762472][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 371.762496][ C0] process_scheduled_works+0xade/0x17b0 [ 371.762546][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 371.762585][ C0] worker_thread+0x8a0/0xda0 [ 371.762610][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 371.762643][ C0] ? __kthread_parkme+0x7b/0x200 [ 371.762670][ C0] kthread+0x70e/0x8a0 [ 371.762695][ C0] ? __pfx_worker_thread+0x10/0x10 [ 371.762713][ C0] ? __pfx_kthread+0x10/0x10 [ 371.762740][ C0] ? __pfx_kthread+0x10/0x10 [ 371.762764][ C0] ret_from_fork+0x3f9/0x770 [ 371.762787][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 371.762814][ C0] ? __switch_to_asm+0x39/0x70 [ 371.762827][ C0] ? __switch_to_asm+0x33/0x70 [ 371.762839][ C0] ? __pfx_kthread+0x10/0x10 [ 371.762863][ C0] ret_from_fork_asm+0x1a/0x30 [ 371.762894][ C0] [ 375.262449][ T38] 6 locks held by kworker/u8:17/6338: [ 375.262470][ T38] #0: ffff888023a2c138 ((wq_completion)wg-kex-wg2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.262526][ T38] #1: ffffc90005d0fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.262574][ T38] #2: ffff88803ad1d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 375.262622][ T38] #3: ffff88805cff0e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 375.262669][ T38] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.262716][ T38] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.262764][ T38] 6 locks held by kworker/u8:24/6347: [ 375.262775][ T38] #0: ffff88805b6b3138 ((wq_completion)wg-kex-wg2#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.262834][ T38] #1: ffffc90005d7fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.262882][ T38] #2: ffff88805b62d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 375.262929][ T38] #3: ffff88805cff6350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 375.262975][ T38] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.263019][ T38] #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.263066][ T38] 3 locks held by kworker/u8:27/6350: [ 375.263077][ T38] #0: ffff8880302f1938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.263124][ T38] #1: ffffc9000585fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.263172][ T38] #2: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 375.263220][ T38] 7 locks held by kworker/u8:29/6352: [ 375.263231][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.263278][ T38] #1: ffffc90005dcfbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.263327][ T38] #2: ffff88805d5f6300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 375.263382][ T38] #3: ffff88805d51fd20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 375.263433][ T38] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 375.263479][ T38] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.263525][ T38] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.263571][ T38] 4 locks held by kworker/u8:30/6353: [ 375.263582][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.263628][ T38] #1: ffffc90005ddfbc0 ((work_completion)(&port->bc_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.263674][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.263713][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.263753][ T38] 4 locks held by kworker/1:10/6355: [ 375.263764][ T38] #0: ffff88805b59b538 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.263821][ T38] #1: ffffc90005dffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.263882][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.263928][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.263974][ T38] 4 locks held by kworker/1:11/6356: [ 375.263985][ T38] #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.264032][ T38] #1: ffffc90005e0fbc0 ((work_completion)(&(&ipvs->defense_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.264080][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.264126][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.264172][ T38] 4 locks held by kworker/1:12/6357: [ 375.264183][ T38] #0: ffff888039598138 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.264234][ T38] #1: ffffc90005e1fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.264296][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.264342][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.264389][ T38] 6 locks held by kworker/u8:32/6360: [ 375.264400][ T38] #0: ffff888023a2f138 ((wq_completion)wg-kex-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.264452][ T38] #1: ffffc90005ccfbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.264500][ T38] #2: ffff888034be15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0 [ 375.264547][ T38] #3: ffff888036cc38f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0 [ 375.264592][ T38] #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.264638][ T38] #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.264686][ T38] 2 locks held by kworker/1:13/6362: [ 375.264698][ T38] 4 locks held by kworker/1:15/6370: [ 375.264708][ T38] #0: ffff88805ae78938 ((wq_completion)wg-crypt-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.264760][ T38] #1: ffffc90005e4fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.264828][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.264874][ T38] #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.264922][ T38] 1 lock held by syz.1.144/6374: [ 375.264932][ T38] #0: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: ppp_release+0x8a/0x1f0 [ 375.264975][ T38] 4 locks held by kworker/0:7/6377: [ 375.264985][ T38] #0: ffff888039598138 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.265037][ T38] #1: ffffc90005e6fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.265098][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.265144][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.265192][ T38] 5 locks held by kworker/0:9/6381: [ 375.265202][ T38] #0: ffff88805ae8e138 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.265253][ T38] #1: ffffc900056ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.265315][ T38] #2: ffff88803ad1d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900 [ 375.265362][ T38] #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.265408][ T38] #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.265455][ T38] 3 locks held by kworker/0:10/6383: [ 375.265466][ T38] #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.265514][ T38] #1: ffffc90005e8fbc0 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.265560][ T38] #2: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: crda_timeout_work+0x15/0x50 [ 375.265612][ T38] 4 locks held by kworker/0:11/6384: [ 375.265623][ T38] #0: ffff88805b599138 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.265674][ T38] #1: ffffc90005e9fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.265735][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.265780][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.265834][ T38] 2 locks held by kworker/1:21/6387: [ 375.265845][ T38] 4 locks held by kworker/0:12/6389: [ 375.265855][ T38] #0: ffff88805b41b938 ((wq_completion)wg-crypt-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.265907][ T38] #1: ffffc90005edfbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.265968][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.266014][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.266062][ T38] 4 locks held by kworker/0:14/6394: [ 375.266073][ T38] #0: ffff88805b59ad38 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.266124][ T38] #1: ffffc90005f2fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.266185][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.266231][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.266279][ T38] 4 locks held by kworker/0:15/6395: [ 375.266289][ T38] #0: ffff88805ae78538 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.266341][ T38] #1: ffffc90005ecfbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.266401][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.266448][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.266495][ T38] 4 locks held by kworker/0:17/6399: [ 375.266506][ T38] #0: ffff88805b068d38 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.266554][ T38] #1: ffffc90005f1fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.266615][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.266661][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.266708][ T38] 1 lock held by syz-executor/6401: [ 375.266718][ T38] #0: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 375.266766][ T38] 4 locks held by kworker/0:22/6419: [ 375.266776][ T38] #0: ffff88805b06bd38 ((wq_completion)wg-kex-wg1#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.266832][ T38] #1: ffffc9000602fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.266894][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.266940][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.266987][ T38] 1 lock held by syz-executor/6422: [ 375.266998][ T38] 4 locks held by kworker/0:24/6427: [ 375.267009][ T38] #0: ffff88805b598d38 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.267060][ T38] #1: ffffc9000608fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.267121][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.267167][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.267214][ T38] 3 locks held by syz-executor/6428: [ 375.267224][ T38] #0: ffff8880395da350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: netlink_insert+0xd3/0x1370 [ 375.267272][ T38] #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.267318][ T38] #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.267365][ T38] 4 locks held by kworker/0:25/6433: [ 375.267375][ T38] #0: ffff88805b419538 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.267428][ T38] #1: ffffc90010187bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.267489][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.267536][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.267576][ T38] 3 locks held by syz-executor/6435: [ 375.267584][ T38] #0: ffff88802a120350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: netlink_insert+0xd3/0x1370 [ 375.267623][ T38] #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.267668][ T38] #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.267715][ T38] 7 locks held by kworker/u8:35/6441: [ 375.267725][ T38] #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.267772][ T38] #1: ffffc9000576fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.267831][ T38] #2: ffff88803ade6300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0 [ 375.267887][ T38] #3: ffff88805cdf7d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0 [ 375.267939][ T38] #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0 [ 375.267984][ T38] #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.268030][ T38] #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.268077][ T38] 1 lock held by udevd/6445: [ 375.268087][ T38] #0: ffff88803d8d60f8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 375.268138][ T38] 1 lock held by syz-executor/6450: [ 375.268148][ T38] #0: ffffffff8ecd3278 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 375.268193][ T38] 4 locks held by kworker/u9:10/6453: [ 375.268203][ T38] #0: ffff88805f7f1138 ((wq_completion)hci5#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.268255][ T38] #1: ffffc9000567fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.268302][ T38] #2: ffff8880461480a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0 [ 375.268349][ T38] #3: ffffffff8ee3ac38 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0 [ 375.268395][ T38] 1 lock held by udevd/6454: [ 375.268405][ T38] #0: ffff88803d8d1d78 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 375.268455][ T38] 1 lock held by udevd/6455: [ 375.268465][ T38] #0: ffff88803d8d0938 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 375.268515][ T38] 1 lock held by udevd/6456: [ 375.268526][ T38] #0: ffff88803d8d7538 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240 [ 375.268576][ T38] 4 locks held by kworker/0:28/6461: [ 375.268586][ T38] #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.268703][ T38] #1: ffffc9000556fbc0 ((work_completion)(&br->mcast_gc_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.268750][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.268796][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.268854][ T38] 4 locks held by kworker/0:29/6463: [ 375.268865][ T38] #0: ffff88805b59b138 ((wq_completion)wg-crypt-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 375.268916][ T38] #1: ffffc900056cfbc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 375.268964][ T38] #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400 [ 375.269010][ T38] #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400 [ 375.269059][ T38] [ 375.269064][ T38] ============================================= [ 375.269064][ T38] [ 375.269088][ T38] NMI backtrace for cpu 0 [ 375.269102][ T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 375.269123][ T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 375.269134][ T38] Call Trace: [ 375.269142][ T38] [ 375.269151][ T38] dump_stack_lvl+0x189/0x250 [ 375.269181][ T38] ? __pfx_dump_stack_lvl+0x10/0x10 [ 375.269207][ T38] ? __pfx__printk+0x10/0x10 [ 375.269239][ T38] nmi_cpu_backtrace+0x39e/0x3d0 [ 375.269266][ T38] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 375.269291][ T38] ? __pfx__printk+0x10/0x10 [ 375.269315][ T38] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 375.269340][ T38] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 375.269366][ T38] watchdog+0xf93/0xfe0 [ 375.269394][ T38] ? watchdog+0x1de/0xfe0 [ 375.269421][ T38] kthread+0x70e/0x8a0 [ 375.269450][ T38] ? __pfx_watchdog+0x10/0x10 [ 375.269472][ T38] ? __pfx_kthread+0x10/0x10 [ 375.269503][ T38] ? __pfx_kthread+0x10/0x10 [ 375.269530][ T38] ret_from_fork+0x3f9/0x770 [ 375.269555][ T38] ? __pfx_ret_from_fork+0x10/0x10 [ 375.269585][ T38] ? __switch_to_asm+0x39/0x70 [ 375.269601][ T38] ? __switch_to_asm+0x33/0x70 [ 375.269617][ T38] ? __pfx_kthread+0x10/0x10 [ 375.269644][ T38] ret_from_fork_asm+0x1a/0x30 [ 375.269677][ T38] [ 375.269684][ T38] Sending NMI from CPU 0 to CPUs 1: [ 375.269710][ C1] NMI backtrace for cpu 1 [ 375.269724][ C1] CPU: 1 UID: 0 PID: 1108 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 375.269743][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 375.269753][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 375.269776][ C1] RIP: 0010:check_preemption_disabled+0x5/0x120 [ 375.269794][ C1] Code: 48 c7 c6 e0 0f 62 8b eb 1c 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 <53> 48 83 ec 10 65 48 8b 05 fe 24 ff 06 48 89 44 24 08 65 8b 05 06 [ 375.269807][ C1] RSP: 0018:ffffc90004d8e2f8 EFLAGS: 00000046 [ 375.269820][ C1] RAX: ffff8880268f1dc0 RBX: 0000000000000000 RCX: c174b80ff8259800 [ 375.269832][ C1] RDX: 0000000000000000 RSI: ffffffff8d04d527 RDI: ffffffff8b621000 [ 375.269843][ C1] RBP: ffffffff8172b165 R08: 0000000000000000 R09: 0000000000000000 [ 375.269853][ C1] R10: ffffc90004d8e4d8 R11: ffffffff81aae2f0 R12: 0000000000000002 [ 375.269864][ C1] R13: ffffffff8d9a8bc0 R14: 0000000000000000 R15: 0000000000000246 [ 375.269875][ C1] FS: 0000000000000000(0000) GS:ffff8881269bf000(0000) knlGS:0000000000000000 [ 375.269888][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 375.269899][ C1] CR2: 00007f5532ca8710 CR3: 000000000d7a6000 CR4: 00000000003526f0 [ 375.269914][ C1] Call Trace: [ 375.269919][ C1] [ 375.269926][ C1] ? unwind_next_frame+0xa5/0x2390 [ 375.269947][ C1] lock_acquire+0xe7/0x360 [ 375.269969][ C1] ? unwind_next_frame+0xa5/0x2390 [ 375.269988][ C1] ? kasan_save_free_info+0x46/0x50 [ 375.270004][ C1] ? unwind_next_frame+0xa5/0x2390 [ 375.270023][ C1] unwind_next_frame+0xc2/0x2390 [ 375.270042][ C1] ? unwind_next_frame+0xa5/0x2390 [ 375.270064][ C1] ? unwind_next_frame+0xa5/0x2390 [ 375.270084][ C1] ? kasan_save_track+0x3e/0x80 [ 375.270106][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 375.270121][ C1] arch_stack_walk+0x11c/0x150 [ 375.270143][ C1] ? kasan_save_free_info+0x46/0x50 [ 375.270159][ C1] stack_trace_save+0x9c/0xe0 [ 375.270175][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 375.270195][ C1] ? __lock_acquire+0xab9/0xd20 [ 375.270214][ C1] kasan_save_track+0x3e/0x80 [ 375.270229][ C1] ? kasan_save_track+0x3e/0x80 [ 375.270245][ C1] ? kasan_save_free_info+0x46/0x50 [ 375.270283][ C1] kasan_save_free_info+0x46/0x50 [ 375.270297][ C1] __kasan_slab_free+0x5b/0x80 [ 375.270314][ C1] ? skb_release_data+0x62d/0x7c0 [ 375.270328][ C1] kmem_cache_free+0x195/0x510 [ 375.270351][ C1] skb_release_data+0x62d/0x7c0 [ 375.270370][ C1] consume_skb+0x9e/0xf0 [ 375.270391][ C1] nft_synproxy_eval_v4+0x376/0x560 [ 375.270411][ C1] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 375.270429][ C1] ? nf_ip_checksum+0x13c/0x510 [ 375.270455][ C1] nft_synproxy_do_eval+0x345/0x570 [ 375.270474][ C1] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 375.270499][ C1] nft_do_chain+0x409/0x1920 [ 375.270514][ C1] ? finish_task_switch+0x266/0x950 [ 375.270537][ C1] ? finish_task_switch+0x266/0x950 [ 375.270566][ C1] ? __pfx_nft_do_chain+0x10/0x10 [ 375.270580][ C1] ? __schedule+0x1709/0x4c20 [ 375.270609][ C1] ? __pfx_migrate_enable+0x10/0x10 [ 375.270633][ C1] nft_do_chain_inet+0x25d/0x340 [ 375.270649][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 375.270665][ C1] ? __lock_acquire+0xab9/0xd20 [ 375.270688][ C1] ? NF_HOOK+0x9a/0x3a0 [ 375.270708][ C1] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 375.270724][ C1] nf_hook_slow+0xc2/0x220 [ 375.270747][ C1] NF_HOOK+0x206/0x3a0 [ 375.270767][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 375.270786][ C1] ? NF_HOOK+0x9a/0x3a0 [ 375.270804][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 375.270819][ C1] ? ip_rcv_finish_core+0xda3/0x1c00 [ 375.270841][ C1] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 375.270861][ C1] ? skb_dst+0x4f/0xd0 [ 375.270881][ C1] ? ip_local_deliver+0x12a/0x1b0 [ 375.270901][ C1] NF_HOOK+0x30c/0x3a0 [ 375.270921][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 375.270940][ C1] ? NF_HOOK+0x9a/0x3a0 [ 375.270958][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 375.270984][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 375.271008][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 375.271026][ C1] __netif_receive_skb+0x143/0x380 [ 375.271044][ C1] ? rt_spin_unlock+0x65/0x80 [ 375.271064][ C1] ? process_backlog+0x27b/0x900 [ 375.271082][ C1] process_backlog+0x31e/0x900 [ 375.271107][ C1] __napi_poll+0xb3/0x540 [ 375.271127][ C1] net_rx_action+0x707/0xe00 [ 375.271154][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 375.271172][ C1] ? rtlock_slowlock_locked+0xd8/0x4010 [ 375.271192][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 375.271217][ C1] ? __pfx_sched_clock_cpu+0x10/0x10