last executing test programs: 46.91092443s ago: executing program 1 (id=2106): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x58c, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_fw={{0x7}, {0x550, 0x2, [@TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'batadv_slave_1\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'veth0_to_bond\x00'}, @TCA_FW_ACT={0x350, 0x4, [@m_vlan={0x9c, 0x0, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x65, 0x6, "f370dfc26bda3e8bd45216da1aa3964ed3b60b4334447ba4ec948d16c5ea9e784cb150ef66ab93528c18790962548e5c98822116cbfdcf7c3a8c7c2ee29dd2ff997bf0d0f836545bbd9b9302deb518f69dfe39552cca68ac02e9c6dbf11370b01a"}, {0xc}, {0xc}}}, @m_ctinfo={0x140, 0x0, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_ZONE={0x6}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}]}, {0xa9, 0x6, "8c4274210bf4344eee0ade94d895eb3f5fdc4ec866ec0d5005a60331686a8486fa8e91c85c847181e823fee4afb8a60979707828e026c45a9f6bd9f7ee27bef80232e58cb39f657808a8baeadea90445f236d2258ab3605aad1caf64002deeb4d8a5343c583834755ade8cf160436309025cb38b6c9299c2c1cd0ef13722520a49dd39f5764b7ab61e70dca6442cd72486bed389794867ca6a1ff829148784451724a821e4"}, {0xc}, {0xc}}}, @m_skbedit={0xc0, 0x0, 0x0, 0x0, {{0xc}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_MARK={0x8}]}, {0x81, 0x6, "c7edfeac621139196345a6f8a58e296e7b575b7c0378eaffc10c3da07f6334206643a2e68c91a8b4902ecb43b8a7f223c44b62e3db93dda61a92e5954dc28e03fbca5aa97221e43a236c3a9ceec773a2788904f1555a0ad9445498987e4e4c2eec07efb6469fd17acc2abe301331b06a3bd50774f35a7dc2597ab865c0"}, {0xc}, {0xc}}}, @m_skbmod={0xb0, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x81, 0x6, "be55bff691533e94de09ed9bad82256009362c9d3574a6b99e33706b0f0231574705a47990aef3802fbf834b6a38694135ceea751b58dbb126083b120c1a2fdc50bdb043e9620b3ed622634d55d1ebdf64b587e4e5ce2f87cd842a014f2429c40521b161d39ecd7569abacb93592b30a623b5a2d1bb484573e87ba3247"}, {0xc}, {0xc}}}]}, @TCA_FW_CLASSID={0x8}, @TCA_FW_POLICE={0x18, 0x2, [@TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc}]}, @TCA_FW_CLASSID={0x8}, @TCA_FW_INDEV={0x14, 0x3, 'pimreg1\x00'}, @TCA_FW_ACT={0x190, 0x4, [@m_simple={0x18c, 0x0, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0x7, 0x3, '9p\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0x7, 0x3, '(${'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_DATA={0x9, 0x3, 'fd/3\x00'}, @TCA_DEF_DATA={0xb, 0x3, 'ctinfo\x00'}, @TCA_DEF_PARMS={0x18}, @TCA_DEF_PARMS={0x18}]}, {0xbd, 0x6, "4609dc63a7e2c1e8d8f3947bfe64049bafc10942cf56376c73961c5ee06f3a38e48c1a286e545dd4a521f2869b54fbcf1c7958eb636e54a910cbe3d0b34b67c9400d92c4bd68f2a5e196d558cfa1c8440806e82a3b539579ffad8fa8a57d9e0f03a55d685ca9804d9ab3e8fc9ec628c9215f2dd203c0df39c16e305c6a3779e502b765346f18214d779c47efff0383ed043d1ab0f727724ceef38cec021286c237c74581b6534e7063efefb444946942ef5c15dc40d8b81fe0"}, {0xc}, {0xc}}}]}]}}]}, 0x58c}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 25.372646767s ago: executing program 2 (id=2129): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000000)=@ipv4_newaddr={0x3c, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r2}, [@IFA_BROADCAST={0x8, 0x4, @dev}, @IFA_LABEL={0x14}, @IFA_LOCAL={0x8, 0x2, @remote}]}, 0x3c}}, 0x0) 25.066699753s ago: executing program 2 (id=2130): semget$private(0x0, 0x0, 0x0) semtimedop(0x0, &(0x7f0000000340)=[{0x0, 0x1}], 0x1, 0x0) socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) r5 = landlock_create_ruleset(&(0x7f00000000c0)={0x3}, 0x10, 0x0) landlock_restrict_self(r5, 0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000040)='io\x00') pread64(r7, &(0x7f00000004c0)=""/251, 0xfb, 0x4) 22.140708453s ago: executing program 2 (id=2137): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b402000000000000791100000000000085000000010000009500000000000000359bb9f43d86b136000000008762000000f33ad18fa9b151092e9172d8ca80be3fd2fe"], 0x0}, 0x90) syz_mount_image$udf(&(0x7f0000000a40), &(0x7f00000004c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, &(0x7f0000000340)=ANY=[@ANYBLOB='dmode=00000000000000000000006,noadinicb,novrs,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000000000000000008000"], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==") r0 = socket(0x11, 0x3, 0x0) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000700)=0xe9, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) dup2(r0, r3) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r5, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0xfecc) 20.546061145s ago: executing program 2 (id=2140): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@commit={'commit', 0x3d, 0x7999b593}}, {@nouid32}, {@resuid}, {@abort}, {@nobarrier}, {@abort}, {@grpquota}, {@orlov}, {@debug}, {@errors_remount}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f00000000c0), 0xe, 0x4da, &(0x7f0000000740)="$eJzs3d9vFFsdAPDvTLvYQrFFfUASgQimEGXbUoHGB8TEyBOJiu9Y223TdNttulugDdES/wATY9TEJ5588T8wMTz4BxgTE303/oxR0Acf7r17s7uzUMput7l32yHt55MMc87Z2X6/Z8jOzsw52Qng2LoYEXciYiAirkbEaNaeZsvdRmW7td3LF0/mGksS9fr9fyeRZG27/+ap1ltiKCK+fTfie8nbcaubW8uz5XJpPatP1FbWJqqbW9eWVmYXS4ul1enpqZszt2ZuzEz2pZ+Nft3++t9++qNffuP2b7706M8P/nnl+420RrLXO/WjH1pdLzT3RdtgRKwfRLAcDGTrQs8tf3vguQAA0FvjHP9TEfH55vn/aAw0z04BAACAo6T+1ZF4L4moAwAAAEdW2pwDm6TFbC7ASKRpsdiaw/uZOJmWK9XaFxcqG6vzrbmyY1FIF5bKpclsTu1YFJJGfapZfl2/vqs+HRFnIuIno8PNenGuUp7P++YHAAAAHBOndl3//2+0df0PAAAAHDFjeScAAAAAHLg3rv+f5ZcHAAAAcHCM/wMAAMCR9s179xpLvf386/mHmxvLlYfX5kvV5eLKxlxxrrK+VlysVBabv9m30uvvlSuVtS/H6sbjiVqpWpuobm49WKlsrNYeLL3xCGwAAADgEJ258PxPSURsf2W4uTScyDsp4FAkvTbYedfurwebC3C4BvJOAMjNYN4JALkp5J0AkLte9wG6Tt75Xf9zAQAADsb4Z1+N/w+329rj/73vDfQcPQTeYWneCQAAh874PxxfBTMA4dj75O6GJGJ7R/Xjj//X6x8lLwAAoH9GmkuSFrOxwJFI02Ix4nTzsQCFZGGpXJrMrg/+OFr4RKM+1XxnYvQfAAAAAAAAAAAAAAAAAAAAAAAAAPapXk+iDgAAABxpEek/kuxJ/uOjl0d23x84kfx/tLmOiEe/uP+zx7O12vpUo/0/r9prP8/ar3ueOAAAALwL2tfp7et4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOinly+ezLWXt148cXBx//W1iBjrFH8whprroShExMn/JjG4431JRAz0If7204g42yl+0kgrxrIsOsUfzjF+GhGn+hAfjrPnjePPnU6fvzQuNtedP3+N8t/7EL/78S99dfwb6HL8Ob3PGOe294j/NOLcYOfjTzt+0iX+pX3G/+53tra6vVZ/FjHe8fsneSPWRG1lbaK6uXVtaWV2sbRYWp2enro5c2vmxszkxMJSuZT92zHGjz/36w/26v/JLvHHWv2/0K3/l/fZ//f/8PjFp1vFQqf4Vy51/v4924r/1v5Ps+++L2Tll/X6D8azcrLd2p87nf/V78/v1f/5Lv3v9f9/ZZ/9v/qtH/5ln5sCAIegurm1PFsul9YVOhfqdTtK4UgWYmivbfI+MgEAAP32+qQ/70wAAAAAAAAAAAAAAAAAAADg+DqMXxrbHXOPn6MGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjNhwEAAP//LNjXMw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000952000/0x2000)=nil, 0x2000, 0xf, 0x28011, r0, 0xffffd000) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f0000000140)='.\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000340)='./file0/../file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0) mount(&(0x7f0000000080)=@filename='\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x261002, 0x0) umount2(&(0x7f0000000300)='./file0\x00', 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f0000002600)=ANY=[], 0x1, 0x5f4, &(0x7f000001f6c0)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6") lremovexattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100)=@known='trusted.overlay.impure\x00') 20.101008683s ago: executing program 3 (id=2142): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240)={'#! ', './file1', [], 0xa, "b26c45b0ba9f93e1b884d7ee0fa7c5c76f1c3fb93b37678feb7121427c1f78066c84fa85fce5d562792cbf969492b749b81ec1da8d58"}, 0x41) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r2 = socket(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r2, 0x10d, 0xef, 0x0, &(0x7f0000000040)) 19.629837431s ago: executing program 2 (id=2143): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x10, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x8c}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 19.304640649s ago: executing program 3 (id=2145): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r1) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000020000082505a1a44000010203010902"], 0x0) ioctl$EVIOCRMFF(r1, 0x40085503, &(0x7f0000000500)) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') 19.19209878s ago: executing program 2 (id=2147): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) ftruncate(r0, 0xc17a) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = dup2(r1, r1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendto$inet(r3, &(0x7f0000000240)="94", 0xfffffff2, 0x61, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffb000/0x4000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/129, 0xffffffffffffffd2, 0x0, 0x0}, &(0x7f0000000080)=0x40) 19.160913255s ago: executing program 1 (id=2111): r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) finit_module(r0, 0x0, 0x0) 18.693463176s ago: executing program 1 (id=2150): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b402000000000000791100000000000085000000010000009500000000000000359bb9f43d86b136000000008762000000f33ad18fa9b151092e9172d8ca80be3fd2fe"], 0x0}, 0x90) syz_mount_image$udf(&(0x7f0000000a40), &(0x7f00000004c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, &(0x7f0000000340)=ANY=[@ANYBLOB='dmode=00000000000000000000006,noadinicb,novrs,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000000000000000008000"], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==") r0 = socket(0x11, 0x3, 0x0) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000700)=0xe9, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local}, 0x14) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) dup2(r0, r3) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r5, &(0x7f0000000200), 0xf000) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0) write$binfmt_script(r3, &(0x7f0000000240), 0xfecc) 18.076079822s ago: executing program 1 (id=2152): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@commit={'commit', 0x3d, 0x7999b593}}, {@nouid32}, {@resuid}, {@abort}, {@nobarrier}, {@abort}, {@grpquota}, {@orlov}, {@debug}, {@errors_remount}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f00000000c0), 0xe, 0x4da, &(0x7f0000000740)="$eJzs3d9vFFsdAPDvTLvYQrFFfUASgQimEGXbUoHGB8TEyBOJiu9Y223TdNttulugDdES/wATY9TEJ5588T8wMTz4BxgTE303/oxR0Acf7r17s7uzUMput7l32yHt55MMc87Z2X6/Z8jOzsw52Qng2LoYEXciYiAirkbEaNaeZsvdRmW7td3LF0/mGksS9fr9fyeRZG27/+ap1ltiKCK+fTfie8nbcaubW8uz5XJpPatP1FbWJqqbW9eWVmYXS4ul1enpqZszt2ZuzEz2pZ+Nft3++t9++qNffuP2b7706M8P/nnl+420RrLXO/WjH1pdLzT3RdtgRKwfRLAcDGTrQs8tf3vguQAA0FvjHP9TEfH55vn/aAw0z04BAACAo6T+1ZF4L4moAwAAAEdW2pwDm6TFbC7ASKRpsdiaw/uZOJmWK9XaFxcqG6vzrbmyY1FIF5bKpclsTu1YFJJGfapZfl2/vqs+HRFnIuIno8PNenGuUp7P++YHAAAAHBOndl3//2+0df0PAAAAHDFjeScAAAAAHLg3rv+f5ZcHAAAAcHCM/wMAAMCR9s179xpLvf386/mHmxvLlYfX5kvV5eLKxlxxrrK+VlysVBabv9m30uvvlSuVtS/H6sbjiVqpWpuobm49WKlsrNYeLL3xCGwAAADgEJ258PxPSURsf2W4uTScyDsp4FAkvTbYedfurwebC3C4BvJOAMjNYN4JALkp5J0AkLte9wG6Tt75Xf9zAQAADsb4Z1+N/w+329rj/73vDfQcPQTeYWneCQAAh874PxxfBTMA4dj75O6GJGJ7R/Xjj//X6x8lLwAAoH9GmkuSFrOxwJFI02Ix4nTzsQCFZGGpXJrMrg/+OFr4RKM+1XxnYvQfAAAAAAAAAAAAAAAAAAAAAAAAAPapXk+iDgAAABxpEek/kuxJ/uOjl0d23x84kfx/tLmOiEe/uP+zx7O12vpUo/0/r9prP8/ar3ueOAAAALwL2tfp7et4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOinly+ezLWXt148cXBx//W1iBjrFH8whprroShExMn/JjG4431JRAz0If7204g42yl+0kgrxrIsOsUfzjF+GhGn+hAfjrPnjePPnU6fvzQuNtedP3+N8t/7EL/78S99dfwb6HL8Ob3PGOe294j/NOLcYOfjTzt+0iX+pX3G/+53tra6vVZ/FjHe8fsneSPWRG1lbaK6uXVtaWV2sbRYWp2enro5c2vmxszkxMJSuZT92zHGjz/36w/26v/JLvHHWv2/0K3/l/fZ//f/8PjFp1vFQqf4Vy51/v4924r/1v5Ps+++L2Tll/X6D8azcrLd2p87nf/V78/v1f/5Lv3v9f9/ZZ/9v/qtH/5ln5sCAIegurm1PFsul9YVOhfqdTtK4UgWYmivbfI+MgEAAP32+qQ/70wAAAAAAAAAAAAAAAAAAADg+DqMXxrbHXOPn6MGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjNhwEAAP//LNjXMw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000952000/0x2000)=nil, 0x2000, 0xf, 0x28011, r0, 0xffffd000) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f0000000140)='.\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000340)='./file0/../file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0) mount(&(0x7f0000000080)=@filename='\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x261002, 0x0) umount2(&(0x7f0000000300)='./file0\x00', 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f0000002600)=ANY=[], 0x1, 0x5f4, &(0x7f000001f6c0)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6") lremovexattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100)=@known='trusted.overlay.impure\x00') 17.039252651s ago: executing program 1 (id=2158): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50) read$FUSE(r0, &(0x7f0000004580)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) flock(r3, 0x5) 16.80528659s ago: executing program 3 (id=2159): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000002ac0)={0x0, "c0a2e7ebfdb28ea9c1de14a04f23b7cd1687f69180b4add166265cd62edc2f39"}) 16.568141671s ago: executing program 3 (id=2161): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x7fff) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f000000e0c0), 0x10010) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x304}, "c4d7826fade200", "75e29881592b9fd38bcad042e286f2cd", ')\x00\x000', "578619a280c847dd"}, 0x28) sendfile(r0, r1, &(0x7f0000000100), 0x10001) 16.349707325s ago: executing program 3 (id=2163): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x8002) ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='sysfs\x00', 0x0, 0x0) ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f0000000000)) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00') r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) 16.048647315s ago: executing program 4 (id=2165): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000008004400000009000000380003801400020076657468305f766972745f77696669000500080000000000080001000000000008000300000000000500080096"], 0x4c}}, 0x0) 14.177052445s ago: executing program 4 (id=2167): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240)={'#! ', './file1', [], 0xa, "b26c45b0ba9f93e1b884d7ee0fa7c5c76f1c3fb93b37678feb7121427c1f78066c84fa85fce5d562792cbf969492b749b81ec1da8d58"}, 0x41) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r2 = socket(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r2, 0x10d, 0xef, 0x0, &(0x7f0000000040)) 14.032021654s ago: executing program 1 (id=2169): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r1) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000020000082505a1a44000010203010902"], 0x0) ioctl$EVIOCRMFF(r1, 0x40085503, &(0x7f0000000500)) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') 13.47052525s ago: executing program 3 (id=2172): statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000500)=""/4096) r0 = shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ffa000/0x3000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000140)=""/128) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x7fffffff, 0x6, 0x32}, 0x9c) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000001b80), &(0x7f0000001940)=0xe2) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000001980), 0xc) sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shmctl$SHM_STAT(r0, 0xd, &(0x7f0000000080)=""/42) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f0000001600)={0x0, 0xd6, "ab347fb1151edfaf5db4405a5ad6601fbfe4211b8a4d01717c0ba9ef1bf00ce24a3fcf4be6c59bf12287a13534a563c3d6f3b9f213344b02b0a1493daf3f098bd2a07ac52e554c32e2239f671285ebf093b85bc64a7827542634d44bda767e7495e319ab0779b35eb558c15f962b2f61cd74d547bcca8b1c5a054d52aefee632bf0a142fe00d80168be67c33b4752a8a12da8b881e4cda288d8f52332a68cb14b915d95e6b9609adcde77c7bb9dcc7bca72d86032ca797f5e136c285328feb78519b3e0694e4874570435155157392a624f85b7c5c56"}, &(0x7f0000001700)=0xde) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000001740)={r4, @in6={{0xa, 0x4e23, 0x3, @private1, 0xd03}}, 0x6, 0x9e2, 0x2, 0x4, 0xfffffffd}, &(0x7f0000001800)=0x98) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000300)={0x20, 0x4, 0x20, 0xff, 0xf1, 0x2, 0xe, 0x20, 0xfb, 0x1, 0x80, 0x40, 0x94, 0xd5}, 0xe) r5 = socket$nl_route(0x10, 0x3, 0x0) shmctl$SHM_STAT_ANY(r0, 0xf, &(0x7f0000000200)=""/86) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0xd01591ce27e4290}, 0x0) quotactl_fd$Q_SETINFO(r5, 0xffffffff80000601, 0xee00, &(0x7f00000000c0)={0x7, 0x1, 0x0, 0x2}) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000440)) r6 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000000)={0x6, 0x1e, 0x6, 0xda, 0x0, 0x16, 0x24, 0x7f, 0x3f, 0x3, 0x0, 0x7, 0x80, 0x6}, 0xe) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000280)={'ip6_vti0\x00', &(0x7f0000000340)=@ethtool_eeprom={0x43, 0xd29, 0x10000, 0xac, "2c25883baf75d02d6d6cc79f60a74529682c001c4993646a9aaf2dfd8830042cf95d59ce3bb028aad9fe7c7d4b6f6b82439683511971a669b6c496cca4bb720e75696d8fc41089807080373bf415af10ff109e130ff229eb8310966dcb3deac22b766f0339d81683dd7adeab7ae447ac4a5d3294e98bc53d54c8556ae2a2edb694fd5ee9661c0f6265e8c26cc5a649eea8482e2ff24530f5dffafc16606021b687b3c86a22fcd02a84b97889"}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000001a40)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001b40)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001b00)={&(0x7f0000001a80)=@ipv6_deladdrlabel={0x60, 0x49, 0x200, 0x70bd2a, 0x25dfdbfc, {0xa, 0x0, 0x3f, 0x0, r7, 0x8000}, [@IFAL_LABEL={0x8, 0x2, 0x6}, @IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @empty}, @IFAL_ADDRESS={0x14, 0x1, @private0}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x40) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r1) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f00000015c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)={0x58, r8, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0x90, 0x70}}}}, [@NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}], @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x58}}, 0x4000051) syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="040e050039200317b4966dd30f1cadd7ee12e06c79950679db79bfb2ed6b5ed3bce16d2376d4cbff956f91b60c548b74b4f7699f893451e2f73385ea067811e4b979a90023f2c66a8b15b2d25b42fc9c2ceae02f8d4ea8a3ff891fb3a8e1e7954993ab"], 0x7) 13.45965215s ago: executing program 4 (id=2173): r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) close(r0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = userfaultfd(0x80001) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2}) 12.752097452s ago: executing program 0 (id=2176): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_DELRULE={0x38, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION={0xc}]}], {0x14}}, 0x60}}, 0x0) 12.090613288s ago: executing program 0 (id=2177): r0 = socket$inet6(0xa, 0x2, 0x3a) readv(r0, &(0x7f00000006c0)=[{&(0x7f0000000440)=""/129, 0x81}], 0x1) connect$inet6(r0, &(0x7f0000000040), 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000540)=0x96, 0x4) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 11.99403311s ago: executing program 4 (id=2178): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3a) r5 = socket$inet_tcp(0x2, 0x1, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000180)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @scatter={0x0, 0x1200, 0x0}, &(0x7f00000000c0)='\b\x00\fj\bH', 0x0, 0x0, 0x0, 0x0, 0x0}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) shutdown(0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, 0x0, 0x0) sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25) 11.815929638s ago: executing program 0 (id=2179): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00058639aa6f0bfbe4b28434ef119376977b00fffbcec7a5fc1f5a72d4fe24156a9f971990e4f372b7"], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r1) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000020000082505a1a44000010203010902"], 0x0) ioctl$EVIOCRMFF(r1, 0x40085503, &(0x7f0000000500)) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r3, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01') 10.875777165s ago: executing program 4 (id=2180): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @ipv4}], 0x48) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 10.649104636s ago: executing program 4 (id=2181): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x8002) ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='sysfs\x00', 0x0, 0x0) ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f0000000000)) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00') r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) 8.587680051s ago: executing program 0 (id=2182): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@commit={'commit', 0x3d, 0x7999b593}}, {@nouid32}, {@resuid}, {@abort}, {@nobarrier}, {@abort}, {@grpquota}, {@orlov}, {@debug}, {@errors_remount}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f00000000c0), 0xe, 0x4da, &(0x7f0000000740)="$eJzs3d9vFFsdAPDvTLvYQrFFfUASgQimEGXbUoHGB8TEyBOJiu9Y223TdNttulugDdES/wATY9TEJ5588T8wMTz4BxgTE303/oxR0Acf7r17s7uzUMput7l32yHt55MMc87Z2X6/Z8jOzsw52Qng2LoYEXciYiAirkbEaNaeZsvdRmW7td3LF0/mGksS9fr9fyeRZG27/+ap1ltiKCK+fTfie8nbcaubW8uz5XJpPatP1FbWJqqbW9eWVmYXS4ul1enpqZszt2ZuzEz2pZ+Nft3++t9++qNffuP2b7706M8P/nnl+420RrLXO/WjH1pdLzT3RdtgRKwfRLAcDGTrQs8tf3vguQAA0FvjHP9TEfH55vn/aAw0z04BAACAo6T+1ZF4L4moAwAAAEdW2pwDm6TFbC7ASKRpsdiaw/uZOJmWK9XaFxcqG6vzrbmyY1FIF5bKpclsTu1YFJJGfapZfl2/vqs+HRFnIuIno8PNenGuUp7P++YHAAAAHBOndl3//2+0df0PAAAAHDFjeScAAAAAHLg3rv+f5ZcHAAAAcHCM/wMAAMCR9s179xpLvf386/mHmxvLlYfX5kvV5eLKxlxxrrK+VlysVBabv9m30uvvlSuVtS/H6sbjiVqpWpuobm49WKlsrNYeLL3xCGwAAADgEJ258PxPSURsf2W4uTScyDsp4FAkvTbYedfurwebC3C4BvJOAMjNYN4JALkp5J0AkLte9wG6Tt75Xf9zAQAADsb4Z1+N/w+329rj/73vDfQcPQTeYWneCQAAh874PxxfBTMA4dj75O6GJGJ7R/Xjj//X6x8lLwAAoH9GmkuSFrOxwJFI02Ix4nTzsQCFZGGpXJrMrg/+OFr4RKM+1XxnYvQfAAAAAAAAAAAAAAAAAAAAAAAAAPapXk+iDgAAABxpEek/kuxJ/uOjl0d23x84kfx/tLmOiEe/uP+zx7O12vpUo/0/r9prP8/ar3ueOAAAALwL2tfp7et4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOinly+ezLWXt148cXBx//W1iBjrFH8whprroShExMn/JjG4431JRAz0If7204g42yl+0kgrxrIsOsUfzjF+GhGn+hAfjrPnjePPnU6fvzQuNtedP3+N8t/7EL/78S99dfwb6HL8Ob3PGOe294j/NOLcYOfjTzt+0iX+pX3G/+53tra6vVZ/FjHe8fsneSPWRG1lbaK6uXVtaWV2sbRYWp2enro5c2vmxszkxMJSuZT92zHGjz/36w/26v/JLvHHWv2/0K3/l/fZ//f/8PjFp1vFQqf4Vy51/v4924r/1v5Ps+++L2Tll/X6D8azcrLd2p87nf/V78/v1f/5Lv3v9f9/ZZ/9v/qtH/5ln5sCAIegurm1PFsul9YVOhfqdTtK4UgWYmivbfI+MgEAAP32+qQ/70wAAAAAAAAAAAAAAAAAAADg+DqMXxrbHXOPn6MGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjNhwEAAP//LNjXMw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000952000/0x2000)=nil, 0x2000, 0xf, 0x28011, r0, 0xffffd000) open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f0000000140)='.\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r2, &(0x7f0000000340)='./file0/../file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0) mount(&(0x7f0000000080)=@filename='\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x261002, 0x0) umount2(&(0x7f0000000300)='./file0\x00', 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f0000002600)=ANY=[], 0x1, 0x5f4, &(0x7f000001f6c0)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6") lremovexattr(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100)=@known='trusted.overlay.impure\x00') 6.552262158s ago: executing program 0 (id=2183): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM") mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) 0s ago: executing program 0 (id=2186): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000000c0)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = syz_open_dev$sndpcmp(&(0x7f0000002440), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_PAUSE(r4, 0x40044160, 0x0) kernel console output (not intermixed with test programs): 25c4 R09: 000000000000000c [ 1620.017516][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006 [ 1620.025559][ C0] R13: 0000000000000000 R14: 00007f719dc33610 R15: 0000000000000000 [ 1620.033618][ C0] [ 1620.036665][ C0] DEBUG: holding rtnl_mutex for 4664 jiffies. [ 1620.042789][ C0] task:kworker/u8:11 state:R running task stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1620.054599][ C0] Workqueue: netns cleanup_net [ 1620.059405][ C0] Call Trace: [ 1620.062741][ C0] [ 1620.065690][ C0] __schedule+0x1800/0x4a60 [ 1620.070305][ C0] ? __pfx___schedule+0x10/0x10 [ 1620.075206][ C0] ? preempt_schedule+0xe1/0xf0 [ 1620.080136][ C0] preempt_schedule_common+0x84/0xd0 [ 1620.085552][ C0] preempt_schedule+0xe1/0xf0 [ 1620.090301][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 1620.095710][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1620.101774][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1620.108839][ C0] preempt_schedule_thunk+0x1a/0x30 [ 1620.115014][ C0] _raw_spin_unlock_irqrestore+0x130/0x140 [ 1620.120919][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1620.127305][ C0] kthread_queue_work+0x110/0x180 [ 1620.132446][ C0] synchronize_rcu_expedited+0x5ad/0x830 [ 1620.138214][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1620.144464][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1620.149785][ C0] ? __pfx___might_resched+0x10/0x10 [ 1620.155157][ C0] ? netdev_upper_dev_unlink+0x92/0xd0 [ 1620.160703][ C0] ? __pfx_netdev_upper_dev_unlink+0x10/0x10 [ 1620.166810][ C0] netdev_rx_handler_unregister+0xa0/0x110 [ 1620.172694][ C0] team_port_del+0x435/0xcc0 [ 1620.177404][ C0] ? __mutex_lock+0x2ef/0xd70 [ 1620.182183][ C0] ? __pfx_team_port_del+0x10/0x10 [ 1620.187370][ C0] ? bond_netdev_event+0xdd/0xf20 [ 1620.192498][ C0] ? team_del_slave+0x32/0x1d0 [ 1620.197318][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1620.202869][ C0] ? __asan_memset+0x23/0x50 [ 1620.207967][ C0] team_del_slave+0x3d/0x1d0 [ 1620.212661][ C0] team_device_event+0x200/0x5b0 [ 1620.217632][ C0] ? notifier_call_chain+0x162/0x3e0 [ 1620.223006][ C0] notifier_call_chain+0x19f/0x3e0 [ 1620.228173][ C0] unregister_netdevice_many_notify+0xd81/0x1c40 [ 1620.234606][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1620.241461][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1620.247391][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1620.253638][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1620.259320][ C0] ? __pfx___might_resched+0x10/0x10 [ 1620.264691][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1620.270913][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1620.276237][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1620.282457][ C0] cleanup_net+0x89d/0xcc0 [ 1620.286904][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1620.291920][ C0] ? process_scheduled_works+0x945/0x1830 [ 1620.298057][ C0] process_scheduled_works+0xa2c/0x1830 [ 1620.304615][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1620.310691][ C0] ? assign_work+0x364/0x3d0 [ 1620.315350][ C0] worker_thread+0x86d/0xd40 [ 1620.320045][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1620.325198][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1620.330393][ C0] kthread+0x2f0/0x390 [ 1620.334514][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1620.339750][ C0] ? __pfx_kthread+0x10/0x10 [ 1620.344415][ C0] ret_from_fork+0x4b/0x80 [ 1620.348866][ C0] ? __pfx_kthread+0x10/0x10 [ 1620.353532][ C0] ret_from_fork_asm+0x1a/0x30 [ 1620.358352][ C0] [ 1620.361434][ C0] [ 1620.361434][ C0] Showing all locks held in the system: [ 1620.369200][ C0] 2 locks held by getty/4979: [ 1620.373936][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1620.383813][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1620.394042][ C0] 3 locks held by kworker/0:6/5275: [ 1620.399261][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1620.410427][ C0] #1: ffffc900038c7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1620.421503][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1620.430585][ C0] 3 locks held by kworker/1:5/5332: [ 1620.435814][ C0] #0: ffff888015881948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1620.448299][ C0] #1: ffffc90003f4fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1620.459489][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 1620.469274][ C0] 4 locks held by syz.4.332/6756: [ 1620.474384][ C0] 6 locks held by kworker/u8:11/8523: [ 1620.479785][ C0] 4 locks held by syz.2.1378/11061: [ 1620.485046][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_ioctl+0x1161/0x2480 [ 1620.495524][ C0] #1: ffff88807b305470 (&mi->mi_sem){++++}-{3:3}, at: nilfs_sufile_trim_fs+0x4f2/0x1270 [ 1620.505481][ C0] #2: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1620.515866][ C0] #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1620.525827][ C0] 1 lock held by segctord/11071: [ 1620.530820][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1620.541820][ C0] 3 locks held by kworker/u8:3/13051: [ 1620.547206][ C0] #0: ffff88802a913148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1620.558897][ C0] #1: ffffc90003277d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1620.571804][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 1620.581440][ C0] 2 locks held by kworker/u8:4/13107: [ 1620.586840][ C0] 1 lock held by syz-executor/14414: [ 1620.592185][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.602061][ C0] 1 lock held by syz-executor/14482: [ 1620.607361][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.617003][ C0] 4 locks held by syz-executor/14502: [ 1620.622456][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1620.631462][ C0] #1: ffff888022e80088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1620.641326][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1620.651447][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1620.661900][ C0] 4 locks held by syz-executor/14506: [ 1620.667285][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1620.676285][ C0] #1: ffff88802cdd4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1620.686139][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1620.696275][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1620.706837][ C0] 7 locks held by syz-executor/14508: [ 1620.712272][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1620.721272][ C0] #1: ffff88802ce9d488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1620.731223][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1620.741368][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1620.751844][ C0] #4: ffff888064d730e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1620.762580][ C0] #5: ffff888064d72250 (&devlink->lock_key#92){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1620.772792][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1620.781786][ C0] 1 lock held by syz-executor/14539: [ 1620.787086][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.796613][ C0] 1 lock held by syz-executor/14542: [ 1620.801966][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.811502][ C0] 1 lock held by syz-executor/14545: [ 1620.816804][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.826381][ C0] 1 lock held by syz-executor/14549: [ 1620.831735][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.841255][ C0] 1 lock held by syz-executor/14551: [ 1620.846573][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1620.856291][ C0] [ 1620.858637][ C0] ============================================= [ 1620.858637][ C0] [ 1620.930516][ T8523] team0 (unregistering): Port device team_slave_1 removed [ 1621.136048][ T8523] team0 (unregistering): Port device team_slave_0 removed [ 1621.239999][T11061] bio_check_eod: 19406 callbacks suppressed [ 1621.240023][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.240023][T11061] loop2: rw=3, sector=163273906851008, nr_sectors = 8388600 limit=0 [ 1621.295272][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.295272][T11061] loop2: rw=3, sector=163273915239608, nr_sectors = 8388600 limit=0 [ 1621.330684][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.330684][T11061] loop2: rw=3, sector=163273923628208, nr_sectors = 8388600 limit=0 [ 1621.345592][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.345592][T11061] loop2: rw=3, sector=163273932016808, nr_sectors = 8388600 limit=0 [ 1621.377637][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.377637][T11061] loop2: rw=3, sector=163273940405408, nr_sectors = 8388600 limit=0 [ 1621.393884][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.393884][T11061] loop2: rw=3, sector=163273948794008, nr_sectors = 8388600 limit=0 [ 1621.427322][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.427322][T11061] loop2: rw=3, sector=163273957182608, nr_sectors = 8388600 limit=0 [ 1621.457226][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.457226][T11061] loop2: rw=3, sector=163273965571208, nr_sectors = 8388600 limit=0 [ 1621.492997][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.492997][T11061] loop2: rw=3, sector=163273973959808, nr_sectors = 8388600 limit=0 [ 1621.523800][T11061] syz.2.1378: attempt to access beyond end of device [ 1621.523800][T11061] loop2: rw=3, sector=163273982348408, nr_sectors = 8388600 limit=0 [ 1621.920275][ C0] DEBUG: waiting rtnl_mutex for 4776 jiffies. [ 1621.926408][ C0] task:kworker/0:6 state:D stack:20488 pid:5275 tgid:5275 ppid:2 flags:0x00004000 [ 1621.936670][ C0] Workqueue: events linkwatch_event [ 1621.941947][ C0] Call Trace: [ 1621.945251][ C0] [ 1621.948203][ C0] __schedule+0x1800/0x4a60 [ 1621.952817][ C0] ? __pfx___schedule+0x10/0x10 [ 1621.957707][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1621.963777][ C0] ? __pfx_lock_release+0x10/0x10 [ 1621.968849][ C0] ? kick_pool+0x1bd/0x620 [ 1621.973364][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1621.978592][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1621.983887][ C0] ? schedule+0x90/0x320 [ 1621.988161][ C0] schedule+0x14b/0x320 [ 1621.992503][ C0] schedule_preempt_disabled+0x13/0x30 [ 1621.997999][ C0] __mutex_lock+0x6a4/0xd70 [ 1622.002595][ C0] ? __mutex_lock+0x527/0xd70 [ 1622.007300][ C0] ? linkwatch_event+0xe/0x60 [ 1622.012071][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1622.017133][ C0] ? get_rtnl_holder+0x144/0x190 [ 1622.022164][ C0] ? process_scheduled_works+0x945/0x1830 [ 1622.027914][ C0] linkwatch_event+0xe/0x60 [ 1622.032504][ C0] process_scheduled_works+0xa2c/0x1830 [ 1622.038111][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1622.044190][ C0] ? assign_work+0x364/0x3d0 [ 1622.049262][ C0] worker_thread+0x86d/0xd40 [ 1622.053951][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1622.059888][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1622.065030][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1622.070213][ C0] kthread+0x2f0/0x390 [ 1622.074324][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1622.079458][ C0] ? __pfx_kthread+0x10/0x10 [ 1622.084127][ C0] ret_from_fork+0x4b/0x80 [ 1622.088575][ C0] ? __pfx_kthread+0x10/0x10 [ 1622.093245][ C0] ret_from_fork_asm+0x1a/0x30 [ 1622.098071][ C0] [ 1622.101179][ C0] DEBUG: waiting rtnl_mutex for 3443 jiffies. [ 1622.107365][ C0] task:kworker/1:5 state:D stack:22832 pid:5332 tgid:5332 ppid:2 flags:0x00004000 [ 1622.118324][ C0] Workqueue: events_power_efficient reg_check_chans_work [ 1622.125650][ C0] Call Trace: [ 1622.128955][ C0] [ 1622.131980][ C0] __schedule+0x1800/0x4a60 [ 1622.136549][ C0] ? __pfx___schedule+0x10/0x10 [ 1622.141503][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1622.147525][ C0] ? __pfx_lock_release+0x10/0x10 [ 1622.152626][ C0] ? kick_pool+0x45c/0x620 [ 1622.157188][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1622.162484][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1622.167725][ C0] ? schedule+0x90/0x320 [ 1622.172047][ C0] schedule+0x14b/0x320 [ 1622.176249][ C0] schedule_preempt_disabled+0x13/0x30 [ 1622.181805][ C0] __mutex_lock+0x6a4/0xd70 [ 1622.186342][ C0] ? __mutex_lock+0x527/0xd70 [ 1622.191092][ C0] ? reg_check_chans_work+0x99/0xfd0 [ 1622.196418][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1622.201545][ C0] ? get_rtnl_holder+0x144/0x190 [ 1622.206514][ C0] ? process_scheduled_works+0x945/0x1830 [ 1622.212313][ C0] reg_check_chans_work+0x99/0xfd0 [ 1622.217474][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1622.222603][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1622.228627][ C0] ? __pfx_reg_check_chans_work+0x10/0x10 [ 1622.234463][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1622.240892][ C0] ? process_scheduled_works+0x945/0x1830 [ 1622.246645][ C0] process_scheduled_works+0xa2c/0x1830 [ 1622.252312][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1622.258467][ C0] ? assign_work+0x364/0x3d0 [ 1622.263164][ C0] worker_thread+0x86d/0xd40 [ 1622.267803][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1622.272939][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1622.278110][ C0] kthread+0x2f0/0x390 [ 1622.282266][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1622.288373][ C0] ? __pfx_kthread+0x10/0x10 [ 1622.293071][ C0] ret_from_fork+0x4b/0x80 [ 1622.297525][ C0] ? __pfx_kthread+0x10/0x10 [ 1622.302203][ C0] ret_from_fork_asm+0x1a/0x30 [ 1622.307124][ C0] [ 1622.310316][ C0] DEBUG: waiting rtnl_mutex for 3399 jiffies. [ 1622.316402][ C0] task:syz-executor state:D stack:24992 pid:14539 tgid:14539 ppid:14538 flags:0x00000000 [ 1622.326657][ C0] Call Trace: [ 1622.330013][ C0] [ 1622.333065][ C0] __schedule+0x1800/0x4a60 [ 1622.337995][ C0] ? __pfx___schedule+0x10/0x10 [ 1622.342968][ C0] ? __pfx_lock_release+0x10/0x10 [ 1622.348034][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1622.353694][ C0] ? schedule+0x90/0x320 [ 1622.357978][ C0] schedule+0x14b/0x320 [ 1622.362251][ C0] schedule_preempt_disabled+0x13/0x30 [ 1622.367741][ C0] __mutex_lock+0x6a4/0xd70 [ 1622.372366][ C0] ? __mutex_lock+0x527/0xd70 [ 1622.377083][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.382324][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1622.387397][ C0] ? get_rtnl_holder+0x144/0x190 [ 1622.392439][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.397418][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1622.402608][ C0] ? __lock_acquire+0x1384/0x2050 [ 1622.407675][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1622.413253][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1622.418055][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1622.423626][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1622.428963][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1622.434268][ C0] netlink_unicast+0x7f6/0x990 [ 1622.439077][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1622.444456][ C0] ? __virt_addr_valid+0x183/0x530 [ 1622.449602][ C0] ? __check_object_size+0x49c/0x900 [ 1622.454983][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1622.460160][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1622.464971][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1622.470620][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1622.475610][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1622.480988][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1622.486494][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1622.491858][ C0] __sock_sendmsg+0x221/0x270 [ 1622.496583][ C0] __sys_sendto+0x3a4/0x4f0 [ 1622.501174][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1622.506259][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1622.512336][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1622.518697][ C0] ? exc_page_fault+0x590/0x8c0 [ 1622.523656][ C0] __x64_sys_sendto+0xde/0x100 [ 1622.528537][ C0] do_syscall_64+0xf3/0x230 [ 1622.533142][ C0] ? clear_bhb_loop+0x35/0x90 [ 1622.537858][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1622.543853][ C0] RIP: 0033:0x7f94e397902c [ 1622.548395][ C0] RSP: 002b:00007ffe46478660 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1622.556936][ C0] RAX: ffffffffffffffda RBX: 00007f94e4634620 RCX: 00007f94e397902c [ 1622.565001][ C0] RDX: 0000000000000028 RSI: 00007f94e4634670 RDI: 0000000000000003 [ 1622.573190][ C0] RBP: 0000000000000000 R08: 00007ffe464786b4 R09: 000000000000000c [ 1622.581236][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1622.589247][ C0] R13: 0000000000000000 R14: 00007f94e4634670 R15: 0000000000000000 [ 1622.597423][ C0] [ 1622.600521][ C0] DEBUG: waiting rtnl_mutex for 2904 jiffies. [ 1622.606714][ C0] task:syz-executor state:D stack:24992 pid:14542 tgid:14542 ppid:14541 flags:0x00000000 [ 1622.617000][ C0] Call Trace: [ 1622.620431][ C0] [ 1622.623393][ C0] __schedule+0x1800/0x4a60 [ 1622.627962][ C0] ? __pfx___schedule+0x10/0x10 [ 1622.632928][ C0] ? __pfx_lock_release+0x10/0x10 [ 1622.638102][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1622.643648][ C0] ? schedule+0x90/0x320 [ 1622.647930][ C0] schedule+0x14b/0x320 [ 1622.652196][ C0] schedule_preempt_disabled+0x13/0x30 [ 1622.657692][ C0] __mutex_lock+0x6a4/0xd70 [ 1622.662268][ C0] ? __mutex_lock+0x527/0xd70 [ 1622.666983][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.672215][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1622.677287][ C0] ? get_rtnl_holder+0x144/0x190 [ 1622.682437][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.687519][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1622.692753][ C0] ? __lock_acquire+0x1384/0x2050 [ 1622.697904][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1622.703476][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1622.708281][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1622.713927][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1622.719270][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1622.724574][ C0] netlink_unicast+0x7f6/0x990 [ 1622.729387][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1622.734755][ C0] ? __virt_addr_valid+0x183/0x530 [ 1622.739911][ C0] ? __check_object_size+0x49c/0x900 [ 1622.745306][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1622.751344][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1622.756602][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1622.761986][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1622.766968][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1622.772363][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1622.777949][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1622.783320][ C0] __sock_sendmsg+0x221/0x270 [ 1622.788051][ C0] __sys_sendto+0x3a4/0x4f0 [ 1622.792656][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1622.797737][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1622.803913][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1622.810315][ C0] ? exc_page_fault+0x590/0x8c0 [ 1622.815210][ C0] __x64_sys_sendto+0xde/0x100 [ 1622.820063][ C0] do_syscall_64+0xf3/0x230 [ 1622.824683][ C0] ? clear_bhb_loop+0x35/0x90 [ 1622.829486][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1622.835462][ C0] RIP: 0033:0x7f747017902c [ 1622.839908][ C0] RSP: 002b:00007ffde35bb7c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1622.848435][ C0] RAX: ffffffffffffffda RBX: 00007f7470e34620 RCX: 00007f747017902c [ 1622.856491][ C0] RDX: 0000000000000028 RSI: 00007f7470e34670 RDI: 0000000000000003 [ 1622.864558][ C0] RBP: 0000000000000000 R08: 00007ffde35bb814 R09: 000000000000000c [ 1622.872604][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1622.880662][ C0] R13: 0000000000000000 R14: 00007f7470e34670 R15: 0000000000000000 [ 1622.888858][ C0] [ 1622.891939][ C0] DEBUG: waiting rtnl_mutex for 1986 jiffies. [ 1622.898034][ C0] task:syz-executor state:D stack:24992 pid:14545 tgid:14545 ppid:14544 flags:0x00000000 [ 1622.908395][ C0] Call Trace: [ 1622.911736][ C0] [ 1622.914695][ C0] __schedule+0x1800/0x4a60 [ 1622.919252][ C0] ? __pfx___schedule+0x10/0x10 [ 1622.924208][ C0] ? __pfx_lock_release+0x10/0x10 [ 1622.929441][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1622.935019][ C0] ? schedule+0x90/0x320 [ 1622.939300][ C0] schedule+0x14b/0x320 [ 1622.943563][ C0] schedule_preempt_disabled+0x13/0x30 [ 1622.949088][ C0] __mutex_lock+0x6a4/0xd70 [ 1622.953679][ C0] ? __mutex_lock+0x527/0xd70 [ 1622.958388][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.963609][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1622.968686][ C0] ? get_rtnl_holder+0x144/0x190 [ 1622.973792][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1622.978772][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1622.983998][ C0] ? __lock_acquire+0x1384/0x2050 [ 1622.989168][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1622.994742][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1622.999543][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1623.005128][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1623.010513][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1623.015923][ C0] netlink_unicast+0x7f6/0x990 [ 1623.020805][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1623.026156][ C0] ? __virt_addr_valid+0x183/0x530 [ 1623.031350][ C0] ? __check_object_size+0x49c/0x900 [ 1623.036700][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1623.042051][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1623.046875][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.052252][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1623.057232][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1623.062607][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1623.068109][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.073577][ C0] __sock_sendmsg+0x221/0x270 [ 1623.078299][ C0] __sys_sendto+0x3a4/0x4f0 [ 1623.082931][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1623.088198][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1623.094556][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1623.100969][ C0] ? exc_page_fault+0x590/0x8c0 [ 1623.105884][ C0] __x64_sys_sendto+0xde/0x100 [ 1623.110931][ C0] do_syscall_64+0xf3/0x230 [ 1623.115471][ C0] ? clear_bhb_loop+0x35/0x90 [ 1623.120227][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1623.126157][ C0] RIP: 0033:0x7f0dcb17902c [ 1623.130670][ C0] RSP: 002b:00007ffef27d5ee0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1623.139159][ C0] RAX: ffffffffffffffda RBX: 00007f0dcbe34620 RCX: 00007f0dcb17902c [ 1623.147249][ C0] RDX: 0000000000000028 RSI: 00007f0dcbe34670 RDI: 0000000000000003 [ 1623.155424][ C0] RBP: 0000000000000000 R08: 00007ffef27d5f34 R09: 000000000000000c [ 1623.163488][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1623.171558][ C0] R13: 0000000000000000 R14: 00007f0dcbe34670 R15: 0000000000000000 [ 1623.180391][ C0] [ 1623.183444][ C0] DEBUG: waiting rtnl_mutex for 1670 jiffies. [ 1623.189530][ C0] task:syz-executor state:D stack:24992 pid:14549 tgid:14549 ppid:14547 flags:0x00004000 [ 1623.200058][ C0] Call Trace: [ 1623.203381][ C0] [ 1623.206358][ C0] __schedule+0x1800/0x4a60 [ 1623.211010][ C0] ? __pfx___schedule+0x10/0x10 [ 1623.215923][ C0] ? __pfx_lock_release+0x10/0x10 [ 1623.221040][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1623.226558][ C0] ? schedule+0x90/0x320 [ 1623.230914][ C0] schedule+0x14b/0x320 [ 1623.235205][ C0] schedule_preempt_disabled+0x13/0x30 [ 1623.240742][ C0] __mutex_lock+0x6a4/0xd70 [ 1623.245291][ C0] ? __mutex_lock+0x527/0xd70 [ 1623.250066][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1623.255232][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1623.260460][ C0] ? get_rtnl_holder+0x144/0x190 [ 1623.265446][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1623.270496][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1623.275651][ C0] ? __lock_acquire+0x1384/0x2050 [ 1623.280757][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1623.286284][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1623.291171][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1623.297505][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1623.303116][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1623.308386][ C0] netlink_unicast+0x7f6/0x990 [ 1623.313289][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1623.318632][ C0] ? __virt_addr_valid+0x183/0x530 [ 1623.323944][ C0] ? __check_object_size+0x49c/0x900 [ 1623.329356][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1623.334620][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1623.339443][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.344836][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1623.349815][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1623.355203][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1623.360920][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.366248][ C0] __sock_sendmsg+0x221/0x270 [ 1623.371224][ C0] __sys_sendto+0x3a4/0x4f0 [ 1623.375785][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1623.380974][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1623.387612][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1623.394062][ C0] ? exc_page_fault+0x590/0x8c0 [ 1623.398996][ C0] __x64_sys_sendto+0xde/0x100 [ 1623.403884][ C0] do_syscall_64+0xf3/0x230 [ 1623.408429][ C0] ? clear_bhb_loop+0x35/0x90 [ 1623.413239][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1623.419181][ C0] RIP: 0033:0x7fa29c77902c [ 1623.423685][ C0] RSP: 002b:00007ffd629ebf60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1623.432232][ C0] RAX: ffffffffffffffda RBX: 00007fa29d434620 RCX: 00007fa29c77902c [ 1623.440273][ C0] RDX: 0000000000000028 RSI: 00007fa29d434670 RDI: 0000000000000003 [ 1623.448281][ C0] RBP: 0000000000000000 R08: 00007ffd629ebfb4 R09: 000000000000000c [ 1623.456366][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1623.464433][ C0] R13: 0000000000000000 R14: 00007fa29d434670 R15: 0000000000000000 [ 1623.472546][ C0] [ 1623.475593][ C0] DEBUG: waiting rtnl_mutex for 1631 jiffies. [ 1623.481723][ C0] task:syz-executor state:D stack:24992 pid:14551 tgid:14551 ppid:14548 flags:0x00000000 [ 1623.491998][ C0] Call Trace: [ 1623.495315][ C0] [ 1623.498273][ C0] __schedule+0x1800/0x4a60 [ 1623.502908][ C0] ? __pfx___schedule+0x10/0x10 [ 1623.507816][ C0] ? __pfx_lock_release+0x10/0x10 [ 1623.512958][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1623.518465][ C0] ? schedule+0x90/0x320 [ 1623.522817][ C0] schedule+0x14b/0x320 [ 1623.527057][ C0] schedule_preempt_disabled+0x13/0x30 [ 1623.532619][ C0] __mutex_lock+0x6a4/0xd70 [ 1623.537440][ C0] ? __mutex_lock+0x527/0xd70 [ 1623.542218][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1623.547374][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1623.552576][ C0] ? get_rtnl_holder+0x144/0x190 [ 1623.557557][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1623.562597][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1623.567756][ C0] ? __lock_acquire+0x1384/0x2050 [ 1623.572870][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1623.578384][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1623.583241][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1623.588750][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1623.594169][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1623.599416][ C0] netlink_unicast+0x7f6/0x990 [ 1623.604282][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1623.609627][ C0] ? __virt_addr_valid+0x183/0x530 [ 1623.614947][ C0] ? __check_object_size+0x49c/0x900 [ 1623.620311][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1623.625477][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1623.630350][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.635671][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1623.640761][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1623.646087][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1623.651656][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1623.656968][ C0] __sock_sendmsg+0x221/0x270 [ 1623.661752][ C0] __sys_sendto+0x3a4/0x4f0 [ 1623.666298][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1623.671450][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1623.677477][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1623.683890][ C0] ? exc_page_fault+0x590/0x8c0 [ 1623.688789][ C0] __x64_sys_sendto+0xde/0x100 [ 1623.693661][ C0] do_syscall_64+0xf3/0x230 [ 1623.698204][ C0] ? clear_bhb_loop+0x35/0x90 [ 1623.703091][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1623.709044][ C0] RIP: 0033:0x7f0c4ad7902c [ 1623.713553][ C0] RSP: 002b:00007ffe0b846f00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1623.722066][ C0] RAX: ffffffffffffffda RBX: 00007f0c4ba34620 RCX: 00007f0c4ad7902c [ 1623.730124][ C0] RDX: 0000000000000028 RSI: 00007f0c4ba34670 RDI: 0000000000000003 [ 1623.738130][ C0] RBP: 0000000000000000 R08: 00007ffe0b846f54 R09: 000000000000000c [ 1623.746276][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1623.754325][ C0] R13: 0000000000000000 R14: 00007f0c4ba34670 R15: 0000000000000000 [ 1623.762411][ C0] [ 1623.765465][ C0] DEBUG: waiting rtnl_mutex for 5045 jiffies. [ 1623.771597][ C0] task:syz-executor state:D stack:21008 pid:14508 tgid:14508 ppid:1 flags:0x00004006 [ 1623.781955][ C0] Call Trace: [ 1623.785259][ C0] [ 1623.788232][ C0] __schedule+0x1800/0x4a60 [ 1623.792928][ C0] ? __pfx___schedule+0x10/0x10 [ 1623.797824][ C0] ? __pfx_lock_release+0x10/0x10 [ 1623.802955][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1623.808464][ C0] ? schedule+0x90/0x320 [ 1623.812795][ C0] schedule+0x14b/0x320 [ 1623.817095][ C0] schedule_preempt_disabled+0x13/0x30 [ 1623.822665][ C0] __mutex_lock+0x6a4/0xd70 [ 1623.827208][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1623.832518][ C0] ? __mutex_lock+0x527/0xd70 [ 1623.837230][ C0] ? nsim_destroy+0x71/0x5c0 [ 1623.841896][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1623.846961][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1623.852439][ C0] ? get_rtnl_holder+0x144/0x190 [ 1623.857415][ C0] nsim_destroy+0x71/0x5c0 [ 1623.862123][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1623.867286][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1623.872971][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1623.878293][ C0] nsim_drv_remove+0x58/0x160 [ 1623.883084][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1623.889210][ C0] bus_remove_device+0x34f/0x420 [ 1623.894260][ C0] device_del+0x57a/0x9b0 [ 1623.898630][ C0] ? __pfx_device_del+0x10/0x10 [ 1623.903599][ C0] device_unregister+0x20/0xc0 [ 1623.908401][ C0] del_device_store+0x363/0x480 [ 1623.913375][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1623.918821][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1623.923759][ C0] ? bus_attr_store+0x4f/0xa0 [ 1623.928562][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1623.933856][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1623.939188][ C0] vfs_write+0xa72/0xc90 [ 1623.943548][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1623.949476][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1623.954359][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1623.959592][ C0] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 1623.965744][ C0] ksys_write+0x1a0/0x2c0 [ 1623.970184][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1623.975071][ C0] ? do_syscall_64+0x100/0x230 [ 1623.979867][ C0] ? do_syscall_64+0xb6/0x230 [ 1623.984624][ C0] do_syscall_64+0xf3/0x230 [ 1623.989160][ C0] ? clear_bhb_loop+0x35/0x90 [ 1623.994051][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1624.000123][ C0] RIP: 0033:0x7fb712b75e1f [ 1624.004576][ C0] RSP: 002b:00007ffd4bcefa60 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1624.013173][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb712b75e1f [ 1624.021241][ C0] RDX: 0000000000000001 RSI: 00007ffd4bcefab0 RDI: 0000000000000005 [ 1624.029421][ C0] RBP: 00007fb712be5940 R08: 0000000000000000 R09: 00007ffd4bcef8b7 [ 1624.037483][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1624.045565][ C0] R13: 00007ffd4bcefab0 R14: 00007fb713834620 R15: 0000000000000003 [ 1624.053652][ C0] [ 1624.056708][ C0] DEBUG: waiting rtnl_mutex for 5073 jiffies. [ 1624.062846][ C0] task:syz-executor state:D stack:20992 pid:14414 tgid:14414 ppid:1 flags:0x00004004 [ 1624.073192][ C0] Call Trace: [ 1624.076491][ C0] [ 1624.079445][ C0] __schedule+0x1800/0x4a60 [ 1624.084072][ C0] ? __pfx___schedule+0x10/0x10 [ 1624.088981][ C0] ? __pfx_lock_release+0x10/0x10 [ 1624.094199][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1624.099720][ C0] ? schedule+0x90/0x320 [ 1624.104046][ C0] schedule+0x14b/0x320 [ 1624.108252][ C0] schedule_preempt_disabled+0x13/0x30 [ 1624.113798][ C0] __mutex_lock+0x6a4/0xd70 [ 1624.118345][ C0] ? __mutex_lock+0x527/0xd70 [ 1624.123113][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1624.128272][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1624.133380][ C0] ? get_rtnl_holder+0x144/0x190 [ 1624.138441][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1624.143457][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1624.148615][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1624.154167][ C0] ? ref_tracker_free+0x643/0x7e0 [ 1624.159242][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1624.164112][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1624.169629][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1624.175041][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1624.181464][ C0] netlink_unicast+0x7f6/0x990 [ 1624.186285][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1624.191747][ C0] ? __virt_addr_valid+0x183/0x530 [ 1624.196899][ C0] ? __check_object_size+0x49c/0x900 [ 1624.202266][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1624.207423][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1624.212272][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1624.217581][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1624.223646][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1624.228640][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1624.234036][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1624.239548][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1624.244932][ C0] __sock_sendmsg+0x221/0x270 [ 1624.249665][ C0] __sys_sendto+0x3a4/0x4f0 [ 1624.254271][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1624.259368][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1624.265456][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1624.271875][ C0] __x64_sys_sendto+0xde/0x100 [ 1624.276673][ C0] do_syscall_64+0xf3/0x230 [ 1624.281242][ C0] ? clear_bhb_loop+0x35/0x90 [ 1624.285990][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1624.291955][ C0] RIP: 0033:0x7f6fdfd7902c [ 1624.296402][ C0] RSP: 002b:00007ffcaa75b4f0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1624.305194][ C0] RAX: ffffffffffffffda RBX: 00007f6fe0a34620 RCX: 00007f6fdfd7902c [ 1624.313247][ C0] RDX: 0000000000000028 RSI: 00007f6fe0a34670 RDI: 0000000000000003 [ 1624.321460][ C0] RBP: 0000000000000000 R08: 00007ffcaa75b544 R09: 000000000000000c [ 1624.329467][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1624.337525][ C0] R13: 0000000000000000 R14: 00007f6fe0a34670 R15: 0000000000000000 [ 1624.345591][ C0] [ 1624.348633][ C0] DEBUG: waiting rtnl_mutex for 5097 jiffies. [ 1624.354781][ C0] task:kworker/u8:3 state:D stack:19896 pid:13051 tgid:13051 ppid:2 flags:0x00004000 [ 1624.365054][ C0] Workqueue: ipv6_addrconf addrconf_dad_work [ 1624.371232][ C0] Call Trace: [ 1624.374547][ C0] [ 1624.377690][ C0] __schedule+0x1800/0x4a60 [ 1624.382312][ C0] ? __pfx___schedule+0x10/0x10 [ 1624.387253][ C0] ? __pfx_lock_release+0x10/0x10 [ 1624.392390][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1624.398025][ C0] ? kthread_data+0x52/0xd0 [ 1624.403244][ C0] ? schedule+0x90/0x320 [ 1624.407534][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1624.412750][ C0] ? schedule+0x90/0x320 [ 1624.417049][ C0] schedule+0x14b/0x320 [ 1624.421300][ C0] schedule_preempt_disabled+0x13/0x30 [ 1624.426849][ C0] __mutex_lock+0x6a4/0xd70 [ 1624.431429][ C0] ? mark_lock+0x9a/0x360 [ 1624.435799][ C0] ? __mutex_lock+0x527/0xd70 [ 1624.440569][ C0] ? addrconf_dad_work+0xd0/0x16f0 [ 1624.445808][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1624.450914][ C0] ? get_rtnl_holder+0x144/0x190 [ 1624.455889][ C0] addrconf_dad_work+0xd0/0x16f0 [ 1624.460923][ C0] ? __pfx_addrconf_dad_work+0x10/0x10 [ 1624.466419][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1624.472845][ C0] ? process_scheduled_works+0x945/0x1830 [ 1624.478608][ C0] process_scheduled_works+0xa2c/0x1830 [ 1624.484280][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1624.490330][ C0] ? assign_work+0x364/0x3d0 [ 1624.494983][ C0] worker_thread+0x86d/0xd40 [ 1624.499631][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1624.505625][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1624.510829][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1624.515983][ C0] kthread+0x2f0/0x390 [ 1624.520114][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1624.525278][ C0] ? __pfx_kthread+0x10/0x10 [ 1624.529911][ C0] ret_from_fork+0x4b/0x80 [ 1624.534417][ C0] ? __pfx_kthread+0x10/0x10 [ 1624.539733][ C0] ret_from_fork_asm+0x1a/0x30 [ 1624.544978][ C0] [ 1624.548047][ C0] DEBUG: waiting rtnl_mutex for 5115 jiffies. [ 1624.554277][ C0] task:syz-executor state:D stack:21728 pid:14482 tgid:14482 ppid:1 flags:0x00000004 [ 1624.564714][ C0] Call Trace: [ 1624.568030][ C0] [ 1624.571035][ C0] __schedule+0x1800/0x4a60 [ 1624.575601][ C0] ? __pfx___schedule+0x10/0x10 [ 1624.580527][ C0] ? __pfx_lock_release+0x10/0x10 [ 1624.585959][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1624.591504][ C0] ? schedule+0x90/0x320 [ 1624.595791][ C0] schedule+0x14b/0x320 [ 1624.600020][ C0] schedule_preempt_disabled+0x13/0x30 [ 1624.605526][ C0] __mutex_lock+0x6a4/0xd70 [ 1624.610114][ C0] ? __mutex_lock+0x527/0xd70 [ 1624.614852][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1624.620130][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1624.625207][ C0] ? get_rtnl_holder+0x144/0x190 [ 1624.630216][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1624.635210][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1624.640418][ C0] ? __lock_acquire+0x1384/0x2050 [ 1624.645576][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1624.651146][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1624.655962][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1624.661507][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1624.666868][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1624.672251][ C0] netlink_unicast+0x7f6/0x990 [ 1624.677064][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1624.682439][ C0] ? __virt_addr_valid+0x183/0x530 [ 1624.687588][ C0] ? __check_object_size+0x49c/0x900 [ 1624.693009][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1624.698172][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1624.703034][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1624.708353][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1624.714505][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1624.719481][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1624.724854][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1624.730415][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1624.735766][ C0] __sock_sendmsg+0x221/0x270 [ 1624.740553][ C0] __sys_sendto+0x3a4/0x4f0 [ 1624.745100][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1624.750214][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1624.756248][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1624.762698][ C0] __x64_sys_sendto+0xde/0x100 [ 1624.767600][ C0] do_syscall_64+0xf3/0x230 [ 1624.772189][ C0] ? clear_bhb_loop+0x35/0x90 [ 1624.776930][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1624.782928][ C0] RIP: 0033:0x7f719cf7902c [ 1624.787380][ C0] RSP: 002b:00007ffc2e602570 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1624.796003][ C0] RAX: ffffffffffffffda RBX: 00007f719dc335c0 RCX: 00007f719cf7902c [ 1624.804150][ C0] RDX: 0000000000000030 RSI: 00007f719dc33610 RDI: 0000000000000006 [ 1624.813254][ C0] RBP: 0000000000000000 R08: 00007ffc2e6025c4 R09: 000000000000000c [ 1624.821394][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006 [ 1624.829481][ C0] R13: 0000000000000000 R14: 00007f719dc33610 R15: 0000000000000000 [ 1624.837726][ C0] [ 1624.840903][ C0] DEBUG: holding rtnl_mutex for 5145 jiffies. [ 1624.847173][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1624.857428][ C0] Workqueue: netns cleanup_net [ 1624.862291][ C0] Call Trace: [ 1624.865593][ C0] [ 1624.868555][ C0] __schedule+0x1800/0x4a60 [ 1624.873163][ C0] ? __pfx___schedule+0x10/0x10 [ 1624.878058][ C0] ? __pfx_lock_release+0x10/0x10 [ 1624.883157][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1624.889360][ C0] ? kthread_data+0x52/0xd0 [ 1624.893959][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1624.899188][ C0] ? schedule+0x90/0x320 [ 1624.903496][ C0] schedule+0x14b/0x320 [ 1624.907688][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1624.913393][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1624.919590][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1624.924968][ C0] ? __pfx___might_resched+0x10/0x10 [ 1624.930325][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1624.936343][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1624.942493][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1624.948870][ C0] synchronize_rcu+0x11b/0x360 [ 1624.953706][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1624.959061][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1624.964521][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1624.970493][ C0] ? rcu_is_watching+0x15/0xb0 [ 1624.975284][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1624.979909][ C0] __qdisc_destroy+0x165/0x410 [ 1624.984764][ C0] dev_shutdown+0x357/0x450 [ 1624.989297][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1624.995744][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1625.002605][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1625.008536][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1625.014775][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1625.020491][ C0] ? __pfx___might_resched+0x10/0x10 [ 1625.025812][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1625.032035][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1625.037354][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1625.043584][ C0] cleanup_net+0x89d/0xcc0 [ 1625.048036][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1625.053071][ C0] ? process_scheduled_works+0x945/0x1830 [ 1625.058834][ C0] process_scheduled_works+0xa2c/0x1830 [ 1625.064502][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1625.070572][ C0] ? assign_work+0x364/0x3d0 [ 1625.075298][ C0] worker_thread+0x86d/0xd40 [ 1625.079938][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1625.085056][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1625.090233][ C0] kthread+0x2f0/0x390 [ 1625.094341][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1625.100247][ C0] ? __pfx_kthread+0x10/0x10 [ 1625.104982][ C0] ret_from_fork+0x4b/0x80 [ 1625.109456][ C0] ? __pfx_kthread+0x10/0x10 [ 1625.114158][ C0] ret_from_fork_asm+0x1a/0x30 [ 1625.118984][ C0] [ 1625.122096][ C0] [ 1625.122096][ C0] Showing all locks held in the system: [ 1625.129923][ C0] 5 locks held by kworker/u8:1/12: [ 1625.135118][ C0] #0: ffff88802b31e148 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1625.146561][ C0] #1: ffffc90000117d00 ((work_completion)(&(&forw_packet_aggr->delayed_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1625.160960][ C0] #2: ffff88805e0be110 (&hard_iface->bat_iv.ogm_buff_mutex){+.+.}-{3:3}, at: batadv_iv_ogm_schedule+0xde/0x10a0 [ 1625.173097][ C0] #3: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1625.183313][ C0] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1625.193311][ C0] 2 locks held by getty/4979: [ 1625.198015][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1625.207884][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1625.218122][ C0] 3 locks held by kworker/0:6/5275: [ 1625.223398][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1625.235112][ C0] #1: ffffc900038c7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1625.246214][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1625.255312][ C0] 3 locks held by kworker/1:5/5332: [ 1625.260579][ C0] #0: ffff888015881948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1625.273146][ C0] #1: ffffc90003f4fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1625.284331][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 1625.294034][ C0] 4 locks held by syz.4.332/6756: [ 1625.299073][ C0] 5 locks held by kworker/u8:11/8523: [ 1625.304513][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1625.315541][ C0] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1625.326483][ C0] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1625.336015][ C0] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1625.346140][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1625.357140][ C0] 2 locks held by syz.2.1378/11061: [ 1625.362409][ C0] 1 lock held by segctord/11071: [ 1625.367364][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1625.378374][ C0] 3 locks held by kworker/u8:3/13051: [ 1625.383825][ C0] #0: ffff88802a913148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1625.395539][ C0] #1: ffffc90003277d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1625.408465][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 1625.418018][ C0] 1 lock held by syz-executor/14414: [ 1625.423376][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.432918][ C0] 1 lock held by syz-executor/14482: [ 1625.438236][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.447767][ C0] 4 locks held by syz-executor/14502: [ 1625.453205][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1625.462196][ C0] #1: ffff888022e80088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1625.472041][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1625.482167][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1625.492649][ C0] 4 locks held by syz-executor/14506: [ 1625.498423][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1625.507444][ C0] #1: ffff88802cdd4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1625.517312][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1625.527456][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1625.537936][ C0] 7 locks held by syz-executor/14508: [ 1625.543376][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1625.552387][ C0] #1: ffff88802ce9d488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1625.562327][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1625.572455][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1625.582935][ C0] #4: ffff888064d730e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1625.593678][ C0] #5: ffff888064d72250 (&devlink->lock_key#92){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1625.603898][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1625.612897][ C0] 1 lock held by syz-executor/14539: [ 1625.618197][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.627736][ C0] 1 lock held by syz-executor/14542: [ 1625.633198][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.642720][ C0] 1 lock held by syz-executor/14545: [ 1625.648024][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.657543][ C0] 1 lock held by syz-executor/14549: [ 1625.662941][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.672463][ C0] 1 lock held by syz-executor/14551: [ 1625.677854][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1625.687372][ C0] [ 1625.689720][ C0] ============================================= [ 1625.689720][ C0] [ 1626.260058][T11061] bio_check_eod: 127956 callbacks suppressed [ 1626.260080][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.260080][T11061] loop2: rw=3, sector=164347362438608, nr_sectors = 8388600 limit=0 [ 1626.297725][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.297725][T11061] loop2: rw=3, sector=164347370827208, nr_sectors = 8388600 limit=0 [ 1626.326203][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.326203][T11061] loop2: rw=3, sector=164347379215808, nr_sectors = 8388600 limit=0 [ 1626.350066][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.350066][T11061] loop2: rw=3, sector=164347387604408, nr_sectors = 8388600 limit=0 [ 1626.379240][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.379240][T11061] loop2: rw=3, sector=164347395993008, nr_sectors = 8388600 limit=0 [ 1626.409253][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.409253][T11061] loop2: rw=3, sector=164347404381608, nr_sectors = 8388600 limit=0 [ 1626.438111][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.438111][T11061] loop2: rw=3, sector=164347412770208, nr_sectors = 8388600 limit=0 [ 1626.460081][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.460081][T11061] loop2: rw=3, sector=164347421158808, nr_sectors = 8388600 limit=0 [ 1626.490098][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.490098][T11061] loop2: rw=3, sector=164347429547408, nr_sectors = 8388600 limit=0 [ 1626.520158][T11061] syz.2.1378: attempt to access beyond end of device [ 1626.520158][T11061] loop2: rw=3, sector=164347437936008, nr_sectors = 8388600 limit=0 [ 1626.710346][ C0] DEBUG: waiting rtnl_mutex for 5255 jiffies. [ 1626.716504][ C0] task:kworker/0:6 state:D stack:20488 pid:5275 tgid:5275 ppid:2 flags:0x00004000 [ 1626.726817][ C0] Workqueue: events linkwatch_event [ 1626.732124][ C0] Call Trace: [ 1626.735444][ C0] [ 1626.738401][ C0] __schedule+0x1800/0x4a60 [ 1626.743105][ C0] ? __pfx___schedule+0x10/0x10 [ 1626.747997][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1626.754162][ C0] ? __pfx_lock_release+0x10/0x10 [ 1626.759243][ C0] ? kick_pool+0x1bd/0x620 [ 1626.763812][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1626.769148][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1626.774554][ C0] ? schedule+0x90/0x320 [ 1626.778928][ C0] schedule+0x14b/0x320 [ 1626.783324][ C0] schedule_preempt_disabled+0x13/0x30 [ 1626.788841][ C0] __mutex_lock+0x6a4/0xd70 [ 1626.793473][ C0] ? __mutex_lock+0x527/0xd70 [ 1626.798198][ C0] ? linkwatch_event+0xe/0x60 [ 1626.802989][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1626.808149][ C0] ? get_rtnl_holder+0x144/0x190 [ 1626.813210][ C0] ? process_scheduled_works+0x945/0x1830 [ 1626.818972][ C0] linkwatch_event+0xe/0x60 [ 1626.823603][ C0] process_scheduled_works+0xa2c/0x1830 [ 1626.829313][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1626.835435][ C0] ? assign_work+0x364/0x3d0 [ 1626.840111][ C0] worker_thread+0x86d/0xd40 [ 1626.844774][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1626.850798][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1626.855964][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1626.861183][ C0] kthread+0x2f0/0x390 [ 1626.865287][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1626.870584][ C0] ? __pfx_kthread+0x10/0x10 [ 1626.875214][ C0] ret_from_fork+0x4b/0x80 [ 1626.879667][ C0] ? __pfx_kthread+0x10/0x10 [ 1626.884336][ C0] ret_from_fork_asm+0x1a/0x30 [ 1626.889165][ C0] [ 1626.892268][ C0] DEBUG: waiting rtnl_mutex for 3922 jiffies. [ 1626.898362][ C0] task:kworker/1:5 state:D stack:22832 pid:5332 tgid:5332 ppid:2 flags:0x00004000 [ 1626.908643][ C0] Workqueue: events_power_efficient reg_check_chans_work [ 1626.915764][ C0] Call Trace: [ 1626.919072][ C0] [ 1626.922159][ C0] __schedule+0x1800/0x4a60 [ 1626.926827][ C0] ? __pfx___schedule+0x10/0x10 [ 1626.931756][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1626.937772][ C0] ? __pfx_lock_release+0x10/0x10 [ 1626.942878][ C0] ? kick_pool+0x45c/0x620 [ 1626.947345][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1626.952617][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1626.957857][ C0] ? schedule+0x90/0x320 [ 1626.962162][ C0] schedule+0x14b/0x320 [ 1626.966356][ C0] schedule_preempt_disabled+0x13/0x30 [ 1626.971887][ C0] __mutex_lock+0x6a4/0xd70 [ 1626.976417][ C0] ? __mutex_lock+0x527/0xd70 [ 1626.981164][ C0] ? reg_check_chans_work+0x99/0xfd0 [ 1626.986490][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1626.991598][ C0] ? get_rtnl_holder+0x144/0x190 [ 1626.996582][ C0] ? process_scheduled_works+0x945/0x1830 [ 1627.002375][ C0] reg_check_chans_work+0x99/0xfd0 [ 1627.007547][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1627.012673][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1627.018781][ C0] ? __pfx_reg_check_chans_work+0x10/0x10 [ 1627.024596][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1627.031007][ C0] ? process_scheduled_works+0x945/0x1830 [ 1627.036771][ C0] process_scheduled_works+0xa2c/0x1830 [ 1627.042457][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1627.048572][ C0] ? assign_work+0x364/0x3d0 [ 1627.053359][ C0] worker_thread+0x86d/0xd40 [ 1627.058012][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1627.063126][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1627.068266][ C0] kthread+0x2f0/0x390 [ 1627.072396][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1627.077714][ C0] ? __pfx_kthread+0x10/0x10 [ 1627.082380][ C0] ret_from_fork+0x4b/0x80 [ 1627.086826][ C0] ? __pfx_kthread+0x10/0x10 [ 1627.091474][ C0] ret_from_fork_asm+0x1a/0x30 [ 1627.096287][ C0] [ 1627.099318][ C0] DEBUG: waiting rtnl_mutex for 3877 jiffies. [ 1627.105440][ C0] task:syz-executor state:D stack:24992 pid:14539 tgid:14539 ppid:14538 flags:0x00000000 [ 1627.115693][ C0] Call Trace: [ 1627.119008][ C0] [ 1627.122003][ C0] __schedule+0x1800/0x4a60 [ 1627.126585][ C0] ? __pfx___schedule+0x10/0x10 [ 1627.131512][ C0] ? __pfx_lock_release+0x10/0x10 [ 1627.136568][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1627.142193][ C0] ? schedule+0x90/0x320 [ 1627.146472][ C0] schedule+0x14b/0x320 [ 1627.150713][ C0] schedule_preempt_disabled+0x13/0x30 [ 1627.156216][ C0] __mutex_lock+0x6a4/0xd70 [ 1627.160792][ C0] ? __mutex_lock+0x527/0xd70 [ 1627.165498][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.170680][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1627.175760][ C0] ? get_rtnl_holder+0x144/0x190 [ 1627.180770][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.185752][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1627.190956][ C0] ? __lock_acquire+0x1384/0x2050 [ 1627.196105][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.201663][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1627.206461][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.211991][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1627.217339][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1627.222698][ C0] netlink_unicast+0x7f6/0x990 [ 1627.227507][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1627.232868][ C0] ? __virt_addr_valid+0x183/0x530 [ 1627.238027][ C0] ? __check_object_size+0x49c/0x900 [ 1627.243419][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1627.248714][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1627.253583][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.258928][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1627.263966][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1627.270113][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1627.275612][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.281070][ C0] __sock_sendmsg+0x221/0x270 [ 1627.285801][ C0] __sys_sendto+0x3a4/0x4f0 [ 1627.290388][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1627.295476][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1627.301544][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1627.307929][ C0] ? exc_page_fault+0x590/0x8c0 [ 1627.312891][ C0] __x64_sys_sendto+0xde/0x100 [ 1627.317720][ C0] do_syscall_64+0xf3/0x230 [ 1627.322503][ C0] ? clear_bhb_loop+0x35/0x90 [ 1627.327235][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1627.333214][ C0] RIP: 0033:0x7f94e397902c [ 1627.337662][ C0] RSP: 002b:00007ffe46478660 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1627.346175][ C0] RAX: ffffffffffffffda RBX: 00007f94e4634620 RCX: 00007f94e397902c [ 1627.354242][ C0] RDX: 0000000000000028 RSI: 00007f94e4634670 RDI: 0000000000000003 [ 1627.362381][ C0] RBP: 0000000000000000 R08: 00007ffe464786b4 R09: 000000000000000c [ 1627.370444][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1627.378461][ C0] R13: 0000000000000000 R14: 00007f94e4634670 R15: 0000000000000000 [ 1627.386580][ C0] [ 1627.389625][ C0] DEBUG: waiting rtnl_mutex for 3382 jiffies. [ 1627.395823][ C0] task:syz-executor state:D stack:24992 pid:14542 tgid:14542 ppid:14541 flags:0x00000000 [ 1627.406103][ C0] Call Trace: [ 1627.409471][ C0] [ 1627.412472][ C0] __schedule+0x1800/0x4a60 [ 1627.417035][ C0] ? __pfx___schedule+0x10/0x10 [ 1627.421966][ C0] ? __pfx_lock_release+0x10/0x10 [ 1627.427031][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1627.432576][ C0] ? schedule+0x90/0x320 [ 1627.436867][ C0] schedule+0x14b/0x320 [ 1627.441280][ C0] schedule_preempt_disabled+0x13/0x30 [ 1627.446879][ C0] __mutex_lock+0x6a4/0xd70 [ 1627.451555][ C0] ? __mutex_lock+0x527/0xd70 [ 1627.456265][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.461448][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1627.466510][ C0] ? get_rtnl_holder+0x144/0x190 [ 1627.471522][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.476510][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1627.481713][ C0] ? __lock_acquire+0x1384/0x2050 [ 1627.486790][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.492348][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1627.497161][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.502741][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1627.508090][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1627.513452][ C0] netlink_unicast+0x7f6/0x990 [ 1627.518268][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1627.523731][ C0] ? __virt_addr_valid+0x183/0x530 [ 1627.528967][ C0] ? __check_object_size+0x49c/0x900 [ 1627.534338][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1627.539586][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1627.544556][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.549891][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1627.554918][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1627.560267][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1627.565775][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.571135][ C0] __sock_sendmsg+0x221/0x270 [ 1627.575854][ C0] __sys_sendto+0x3a4/0x4f0 [ 1627.580431][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1627.585515][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1627.592281][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1627.598755][ C0] ? exc_page_fault+0x590/0x8c0 [ 1627.603715][ C0] __x64_sys_sendto+0xde/0x100 [ 1627.608551][ C0] do_syscall_64+0xf3/0x230 [ 1627.613133][ C0] ? clear_bhb_loop+0x35/0x90 [ 1627.617939][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1627.623916][ C0] RIP: 0033:0x7f747017902c [ 1627.628371][ C0] RSP: 002b:00007ffde35bb7c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1627.636900][ C0] RAX: ffffffffffffffda RBX: 00007f7470e34620 RCX: 00007f747017902c [ 1627.644964][ C0] RDX: 0000000000000028 RSI: 00007f7470e34670 RDI: 0000000000000003 [ 1627.653023][ C0] RBP: 0000000000000000 R08: 00007ffde35bb814 R09: 000000000000000c [ 1627.661072][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1627.669067][ C0] R13: 0000000000000000 R14: 00007f7470e34670 R15: 0000000000000000 [ 1627.677139][ C0] [ 1627.680216][ C0] DEBUG: waiting rtnl_mutex for 2465 jiffies. [ 1627.686471][ C0] task:syz-executor state:D stack:24992 pid:14545 tgid:14545 ppid:14544 flags:0x00000000 [ 1627.696738][ C0] Call Trace: [ 1627.700067][ C0] [ 1627.703024][ C0] __schedule+0x1800/0x4a60 [ 1627.707591][ C0] ? __pfx___schedule+0x10/0x10 [ 1627.712564][ C0] ? __pfx_lock_release+0x10/0x10 [ 1627.717656][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1627.723213][ C0] ? schedule+0x90/0x320 [ 1627.727665][ C0] schedule+0x14b/0x320 [ 1627.731897][ C0] schedule_preempt_disabled+0x13/0x30 [ 1627.737397][ C0] __mutex_lock+0x6a4/0xd70 [ 1627.742049][ C0] ? __mutex_lock+0x527/0xd70 [ 1627.746766][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.752095][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1627.757180][ C0] ? get_rtnl_holder+0x144/0x190 [ 1627.762301][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1627.767296][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1627.772614][ C0] ? __lock_acquire+0x1384/0x2050 [ 1627.777696][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.783276][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1627.788162][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1627.793720][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1627.799068][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1627.804351][ C0] netlink_unicast+0x7f6/0x990 [ 1627.809186][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1627.814584][ C0] ? __virt_addr_valid+0x183/0x530 [ 1627.819746][ C0] ? __check_object_size+0x49c/0x900 [ 1627.825121][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1627.830340][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1627.835157][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.840623][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1627.845647][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1627.851018][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1627.856512][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1627.861872][ C0] __sock_sendmsg+0x221/0x270 [ 1627.866602][ C0] __sys_sendto+0x3a4/0x4f0 [ 1627.871179][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1627.876258][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1627.882312][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1627.888681][ C0] ? exc_page_fault+0x590/0x8c0 [ 1627.893624][ C0] __x64_sys_sendto+0xde/0x100 [ 1627.898440][ C0] do_syscall_64+0xf3/0x230 [ 1627.903009][ C0] ? clear_bhb_loop+0x35/0x90 [ 1627.907728][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1627.913721][ C0] RIP: 0033:0x7f0dcb17902c [ 1627.918158][ C0] RSP: 002b:00007ffef27d5ee0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1627.926840][ C0] RAX: ffffffffffffffda RBX: 00007f0dcbe34620 RCX: 00007f0dcb17902c [ 1627.934893][ C0] RDX: 0000000000000028 RSI: 00007f0dcbe34670 RDI: 0000000000000003 [ 1627.943025][ C0] RBP: 0000000000000000 R08: 00007ffef27d5f34 R09: 000000000000000c [ 1627.951531][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1627.959532][ C0] R13: 0000000000000000 R14: 00007f0dcbe34670 R15: 0000000000000000 [ 1627.967607][ C0] [ 1627.970695][ C0] DEBUG: waiting rtnl_mutex for 2149 jiffies. [ 1627.976770][ C0] task:syz-executor state:D stack:24992 pid:14549 tgid:14549 ppid:14547 flags:0x00004000 [ 1627.987043][ C0] Call Trace: [ 1627.990383][ C0] [ 1627.993346][ C0] __schedule+0x1800/0x4a60 [ 1627.997934][ C0] ? __pfx___schedule+0x10/0x10 [ 1628.002902][ C0] ? __pfx_lock_release+0x10/0x10 [ 1628.008058][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1628.013639][ C0] ? schedule+0x90/0x320 [ 1628.017929][ C0] schedule+0x14b/0x320 [ 1628.022162][ C0] schedule_preempt_disabled+0x13/0x30 [ 1628.027659][ C0] __mutex_lock+0x6a4/0xd70 [ 1628.032245][ C0] ? __mutex_lock+0x527/0xd70 [ 1628.036957][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.042156][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1628.047221][ C0] ? get_rtnl_holder+0x144/0x190 [ 1628.052229][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.057198][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1628.062391][ C0] ? __lock_acquire+0x1384/0x2050 [ 1628.067459][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.073024][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1628.077817][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.083360][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1628.088726][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1628.094022][ C0] netlink_unicast+0x7f6/0x990 [ 1628.098846][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1628.104227][ C0] ? __virt_addr_valid+0x183/0x530 [ 1628.109386][ C0] ? __check_object_size+0x49c/0x900 [ 1628.114854][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1628.120100][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1628.124917][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1628.130287][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1628.135268][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1628.140644][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1628.146145][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1628.151507][ C0] __sock_sendmsg+0x221/0x270 [ 1628.156231][ C0] __sys_sendto+0x3a4/0x4f0 [ 1628.160812][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1628.165911][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1628.171978][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1628.178385][ C0] ? exc_page_fault+0x590/0x8c0 [ 1628.183430][ C0] __x64_sys_sendto+0xde/0x100 [ 1628.188240][ C0] do_syscall_64+0xf3/0x230 [ 1628.192824][ C0] ? clear_bhb_loop+0x35/0x90 [ 1628.197557][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1628.203554][ C0] RIP: 0033:0x7fa29c77902c [ 1628.208103][ C0] RSP: 002b:00007ffd629ebf60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1628.216660][ C0] RAX: ffffffffffffffda RBX: 00007fa29d434620 RCX: 00007fa29c77902c [ 1628.224729][ C0] RDX: 0000000000000028 RSI: 00007fa29d434670 RDI: 0000000000000003 [ 1628.232801][ C0] RBP: 0000000000000000 R08: 00007ffd629ebfb4 R09: 000000000000000c [ 1628.240869][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1628.248907][ C0] R13: 0000000000000000 R14: 00007fa29d434670 R15: 0000000000000000 [ 1628.256988][ C0] [ 1628.260059][ C0] DEBUG: waiting rtnl_mutex for 2110 jiffies. [ 1628.266149][ C0] task:syz-executor state:D stack:24992 pid:14551 tgid:14551 ppid:14548 flags:0x00000000 [ 1628.276406][ C0] Call Trace: [ 1628.279711][ C0] [ 1628.282730][ C0] __schedule+0x1800/0x4a60 [ 1628.287309][ C0] ? __pfx___schedule+0x10/0x10 [ 1628.292248][ C0] ? __pfx_lock_release+0x10/0x10 [ 1628.297311][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1628.303035][ C0] ? schedule+0x90/0x320 [ 1628.307414][ C0] schedule+0x14b/0x320 [ 1628.311667][ C0] schedule_preempt_disabled+0x13/0x30 [ 1628.317263][ C0] __mutex_lock+0x6a4/0xd70 [ 1628.321858][ C0] ? __mutex_lock+0x527/0xd70 [ 1628.326573][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.331780][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1628.336855][ C0] ? get_rtnl_holder+0x144/0x190 [ 1628.341857][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.346829][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1628.352037][ C0] ? __lock_acquire+0x1384/0x2050 [ 1628.357108][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.362850][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1628.367653][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.373201][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1628.378549][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1628.383835][ C0] netlink_unicast+0x7f6/0x990 [ 1628.388757][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1628.394254][ C0] ? __virt_addr_valid+0x183/0x530 [ 1628.399663][ C0] ? __check_object_size+0x49c/0x900 [ 1628.405181][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1628.410380][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1628.415217][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1628.420625][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1628.425642][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1628.431022][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1628.436538][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1628.441920][ C0] __sock_sendmsg+0x221/0x270 [ 1628.446653][ C0] __sys_sendto+0x3a4/0x4f0 [ 1628.451250][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1628.456337][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1628.462406][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1628.468786][ C0] ? exc_page_fault+0x590/0x8c0 [ 1628.473734][ C0] __x64_sys_sendto+0xde/0x100 [ 1628.478551][ C0] do_syscall_64+0xf3/0x230 [ 1628.483130][ C0] ? clear_bhb_loop+0x35/0x90 [ 1628.487848][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1628.493821][ C0] RIP: 0033:0x7f0c4ad7902c [ 1628.498261][ C0] RSP: 002b:00007ffe0b846f00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1628.506773][ C0] RAX: ffffffffffffffda RBX: 00007f0c4ba34620 RCX: 00007f0c4ad7902c [ 1628.515177][ C0] RDX: 0000000000000028 RSI: 00007f0c4ba34670 RDI: 0000000000000003 [ 1628.523227][ C0] RBP: 0000000000000000 R08: 00007ffe0b846f54 R09: 000000000000000c [ 1628.532441][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1628.540777][ C0] R13: 0000000000000000 R14: 00007f0c4ba34670 R15: 0000000000000000 [ 1628.548803][ C0] [ 1628.551908][ C0] DEBUG: waiting rtnl_mutex for 5524 jiffies. [ 1628.558006][ C0] task:syz-executor state:D stack:21008 pid:14508 tgid:14508 ppid:1 flags:0x00004006 [ 1628.568279][ C0] Call Trace: [ 1628.571619][ C0] [ 1628.574922][ C0] __schedule+0x1800/0x4a60 [ 1628.579499][ C0] ? __pfx___schedule+0x10/0x10 [ 1628.584435][ C0] ? __pfx_lock_release+0x10/0x10 [ 1628.589499][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1628.595046][ C0] ? schedule+0x90/0x320 [ 1628.599336][ C0] schedule+0x14b/0x320 [ 1628.603600][ C0] schedule_preempt_disabled+0x13/0x30 [ 1628.609112][ C0] __mutex_lock+0x6a4/0xd70 [ 1628.614052][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1628.619305][ C0] ? __mutex_lock+0x527/0xd70 [ 1628.624155][ C0] ? nsim_destroy+0x71/0x5c0 [ 1628.628793][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1628.634004][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1628.639426][ C0] ? get_rtnl_holder+0x144/0x190 [ 1628.644449][ C0] nsim_destroy+0x71/0x5c0 [ 1628.648912][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1628.654106][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1628.659602][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1628.664982][ C0] nsim_drv_remove+0x58/0x160 [ 1628.669800][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1628.676004][ C0] bus_remove_device+0x34f/0x420 [ 1628.681035][ C0] device_del+0x57a/0x9b0 [ 1628.685411][ C0] ? __pfx_device_del+0x10/0x10 [ 1628.690353][ C0] device_unregister+0x20/0xc0 [ 1628.695147][ C0] del_device_store+0x363/0x480 [ 1628.700054][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1628.705477][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1628.710404][ C0] ? bus_attr_store+0x4f/0xa0 [ 1628.715110][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1628.720371][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1628.725699][ C0] vfs_write+0xa72/0xc90 [ 1628.730019][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1628.735865][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1628.740742][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1628.745969][ C0] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 1628.752107][ C0] ksys_write+0x1a0/0x2c0 [ 1628.756483][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1628.761408][ C0] ? do_syscall_64+0x100/0x230 [ 1628.766202][ C0] ? do_syscall_64+0xb6/0x230 [ 1628.770943][ C0] do_syscall_64+0xf3/0x230 [ 1628.775478][ C0] ? clear_bhb_loop+0x35/0x90 [ 1628.780233][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1628.786164][ C0] RIP: 0033:0x7fb712b75e1f [ 1628.790734][ C0] RSP: 002b:00007ffd4bcefa60 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1628.799187][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fb712b75e1f [ 1628.807414][ C0] RDX: 0000000000000001 RSI: 00007ffd4bcefab0 RDI: 0000000000000005 [ 1628.815566][ C0] RBP: 00007fb712be5940 R08: 0000000000000000 R09: 00007ffd4bcef8b7 [ 1628.823624][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1628.831690][ C0] R13: 00007ffd4bcefab0 R14: 00007fb713834620 R15: 0000000000000003 [ 1628.839724][ C0] [ 1628.842873][ C0] DEBUG: waiting rtnl_mutex for 5552 jiffies. [ 1628.848950][ C0] task:syz-executor state:D stack:20992 pid:14414 tgid:14414 ppid:1 flags:0x00004004 [ 1628.859282][ C0] Call Trace: [ 1628.862625][ C0] [ 1628.865584][ C0] __schedule+0x1800/0x4a60 [ 1628.870169][ C0] ? __pfx___schedule+0x10/0x10 [ 1628.875062][ C0] ? __pfx_lock_release+0x10/0x10 [ 1628.880157][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1628.885656][ C0] ? schedule+0x90/0x320 [ 1628.889941][ C0] schedule+0x14b/0x320 [ 1628.894172][ C0] schedule_preempt_disabled+0x13/0x30 [ 1628.899666][ C0] __mutex_lock+0x6a4/0xd70 [ 1628.904258][ C0] ? __mutex_lock+0x527/0xd70 [ 1628.908961][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.914156][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1628.919225][ C0] ? get_rtnl_holder+0x144/0x190 [ 1628.924234][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1628.929202][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1628.934928][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.940477][ C0] ? ref_tracker_free+0x643/0x7e0 [ 1628.945539][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1628.950366][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1628.955859][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1628.961328][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1628.966568][ C0] netlink_unicast+0x7f6/0x990 [ 1628.971406][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1628.976729][ C0] ? __virt_addr_valid+0x183/0x530 [ 1628.981913][ C0] ? __check_object_size+0x49c/0x900 [ 1628.987230][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1628.992418][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1628.997231][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1629.002589][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1629.008874][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1629.013984][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1629.019309][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1629.024847][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1629.030196][ C0] __sock_sendmsg+0x221/0x270 [ 1629.035096][ C0] __sys_sendto+0x3a4/0x4f0 [ 1629.039649][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1629.044799][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1629.050938][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1629.057325][ C0] __x64_sys_sendto+0xde/0x100 [ 1629.062169][ C0] do_syscall_64+0xf3/0x230 [ 1629.066698][ C0] ? clear_bhb_loop+0x35/0x90 [ 1629.071447][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1629.077374][ C0] RIP: 0033:0x7f6fdfd7902c [ 1629.081853][ C0] RSP: 002b:00007ffcaa75b4f0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1629.090338][ C0] RAX: ffffffffffffffda RBX: 00007f6fe0a34620 RCX: 00007f6fdfd7902c [ 1629.098356][ C0] RDX: 0000000000000028 RSI: 00007f6fe0a34670 RDI: 0000000000000003 [ 1629.106436][ C0] RBP: 0000000000000000 R08: 00007ffcaa75b544 R09: 000000000000000c [ 1629.114653][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1629.122706][ C0] R13: 0000000000000000 R14: 00007f6fe0a34670 R15: 0000000000000000 [ 1629.130764][ C0] [ 1629.133904][ C0] DEBUG: waiting rtnl_mutex for 5576 jiffies. [ 1629.140116][ C0] task:kworker/u8:3 state:D stack:19896 pid:13051 tgid:13051 ppid:2 flags:0x00004000 [ 1629.150348][ C0] Workqueue: ipv6_addrconf addrconf_dad_work [ 1629.156382][ C0] Call Trace: [ 1629.159698][ C0] [ 1629.162707][ C0] __schedule+0x1800/0x4a60 [ 1629.167270][ C0] ? __pfx___schedule+0x10/0x10 [ 1629.172199][ C0] ? __pfx_lock_release+0x10/0x10 [ 1629.177435][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1629.183319][ C0] ? kthread_data+0x52/0xd0 [ 1629.187853][ C0] ? schedule+0x90/0x320 [ 1629.192168][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1629.197324][ C0] ? schedule+0x90/0x320 [ 1629.201682][ C0] schedule+0x14b/0x320 [ 1629.205964][ C0] schedule_preempt_disabled+0x13/0x30 [ 1629.211486][ C0] __mutex_lock+0x6a4/0xd70 [ 1629.216012][ C0] ? mark_lock+0x9a/0x360 [ 1629.220435][ C0] ? __mutex_lock+0x527/0xd70 [ 1629.225155][ C0] ? addrconf_dad_work+0xd0/0x16f0 [ 1629.230347][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1629.235679][ C0] ? get_rtnl_holder+0x144/0x190 [ 1629.240708][ C0] addrconf_dad_work+0xd0/0x16f0 [ 1629.245694][ C0] ? __pfx_addrconf_dad_work+0x10/0x10 [ 1629.251226][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1629.257611][ C0] ? process_scheduled_works+0x945/0x1830 [ 1629.263409][ C0] process_scheduled_works+0xa2c/0x1830 [ 1629.269018][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1629.275093][ C0] ? assign_work+0x364/0x3d0 [ 1629.279728][ C0] worker_thread+0x86d/0xd40 [ 1629.284410][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1629.290384][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1629.295446][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1629.300626][ C0] kthread+0x2f0/0x390 [ 1629.304746][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1629.309910][ C0] ? __pfx_kthread+0x10/0x10 [ 1629.314694][ C0] ret_from_fork+0x4b/0x80 [ 1629.319253][ C0] ? __pfx_kthread+0x10/0x10 [ 1629.323943][ C0] ret_from_fork_asm+0x1a/0x30 [ 1629.328782][ C0] [ 1629.331883][ C0] DEBUG: waiting rtnl_mutex for 5594 jiffies. [ 1629.337966][ C0] task:syz-executor state:D stack:21728 pid:14482 tgid:14482 ppid:1 flags:0x00000004 [ 1629.348242][ C0] Call Trace: [ 1629.351597][ C0] [ 1629.354562][ C0] __schedule+0x1800/0x4a60 [ 1629.359222][ C0] ? __pfx___schedule+0x10/0x10 [ 1629.364163][ C0] ? __pfx_lock_release+0x10/0x10 [ 1629.369232][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1629.374782][ C0] ? schedule+0x90/0x320 [ 1629.379067][ C0] schedule+0x14b/0x320 [ 1629.383317][ C0] schedule_preempt_disabled+0x13/0x30 [ 1629.388919][ C0] __mutex_lock+0x6a4/0xd70 [ 1629.393515][ C0] ? __mutex_lock+0x527/0xd70 [ 1629.398220][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1629.403440][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1629.408513][ C0] ? get_rtnl_holder+0x144/0x190 [ 1629.413540][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1629.418624][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1629.423815][ C0] ? __lock_acquire+0x1384/0x2050 [ 1629.428885][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1629.434459][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1629.439258][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1629.444818][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1629.450225][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1629.455461][ C0] netlink_unicast+0x7f6/0x990 [ 1629.460297][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1629.465614][ C0] ? __virt_addr_valid+0x183/0x530 [ 1629.470796][ C0] ? __check_object_size+0x49c/0x900 [ 1629.476108][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1629.481287][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1629.486101][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1629.491538][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1629.497899][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1629.502910][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1629.508225][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1629.513760][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1629.519071][ C0] __sock_sendmsg+0x221/0x270 [ 1629.523832][ C0] __sys_sendto+0x3a4/0x4f0 [ 1629.528372][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1629.533494][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1629.539509][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1629.545924][ C0] __x64_sys_sendto+0xde/0x100 [ 1629.550757][ C0] do_syscall_64+0xf3/0x230 [ 1629.555547][ C0] ? clear_bhb_loop+0x35/0x90 [ 1629.560297][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1629.566218][ C0] RIP: 0033:0x7f719cf7902c [ 1629.570690][ C0] RSP: 002b:00007ffc2e602570 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1629.579133][ C0] RAX: ffffffffffffffda RBX: 00007f719dc335c0 RCX: 00007f719cf7902c [ 1629.587179][ C0] RDX: 0000000000000030 RSI: 00007f719dc33610 RDI: 0000000000000006 [ 1629.595230][ C0] RBP: 0000000000000000 R08: 00007ffc2e6025c4 R09: 000000000000000c [ 1629.603278][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006 [ 1629.611315][ C0] R13: 0000000000000000 R14: 00007f719dc33610 R15: 0000000000000000 [ 1629.619351][ C0] [ 1629.622448][ C0] DEBUG: holding rtnl_mutex for 5623 jiffies. [ 1629.628532][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1629.638976][ C0] Workqueue: netns cleanup_net [ 1629.643828][ C0] Call Trace: [ 1629.647126][ C0] [ 1629.650117][ C0] __schedule+0x1800/0x4a60 [ 1629.654682][ C0] ? __pfx___schedule+0x10/0x10 [ 1629.659579][ C0] ? __pfx_lock_release+0x10/0x10 [ 1629.664695][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1629.670680][ C0] ? kthread_data+0x52/0xd0 [ 1629.675224][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1629.680415][ C0] ? schedule+0x90/0x320 [ 1629.684696][ C0] schedule+0x14b/0x320 [ 1629.688902][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1629.694709][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1629.700953][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1629.706272][ C0] ? __pfx___might_resched+0x10/0x10 [ 1629.711729][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1629.717748][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1629.724020][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1629.730445][ C0] synchronize_rcu+0x11b/0x360 [ 1629.735252][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1629.740614][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1629.746033][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1629.752016][ C0] ? rcu_is_watching+0x15/0xb0 [ 1629.756811][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1629.761484][ C0] __qdisc_destroy+0x165/0x410 [ 1629.766297][ C0] dev_shutdown+0x9b/0x450 [ 1629.770805][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1629.777188][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1629.784056][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1629.790035][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1629.796222][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1629.801961][ C0] ? __pfx___might_resched+0x10/0x10 [ 1629.807334][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1629.813581][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1629.818911][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1629.825161][ C0] cleanup_net+0x89d/0xcc0 [ 1629.829625][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1629.834663][ C0] ? process_scheduled_works+0x945/0x1830 [ 1629.840565][ C0] process_scheduled_works+0xa2c/0x1830 [ 1629.846184][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1629.852434][ C0] ? assign_work+0x364/0x3d0 [ 1629.857160][ C0] worker_thread+0x86d/0xd40 [ 1629.861859][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1629.866935][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1629.872134][ C0] kthread+0x2f0/0x390 [ 1629.876235][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1629.881423][ C0] ? __pfx_kthread+0x10/0x10 [ 1629.886045][ C0] ret_from_fork+0x4b/0x80 [ 1629.890537][ C0] ? __pfx_kthread+0x10/0x10 [ 1629.895156][ C0] ret_from_fork_asm+0x1a/0x30 [ 1629.899996][ C0] [ 1629.903033][ C0] [ 1629.903033][ C0] Showing all locks held in the system: [ 1629.910802][ C0] 2 locks held by ksoftirqd/1/24: [ 1629.915841][ C0] #0: ffff8880b933ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1629.925897][ C0] #1: ffff8880b9328948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770 [ 1629.937462][ C0] 2 locks held by getty/4979: [ 1629.942214][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1629.952091][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1629.962323][ C0] 3 locks held by kworker/0:6/5275: [ 1629.967551][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1629.978643][ C0] #1: ffffc900038c7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1629.989747][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1629.998838][ C0] 3 locks held by kworker/1:5/5332: [ 1630.004115][ C0] #0: ffff888015881948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1630.016598][ C0] #1: ffffc90003f4fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1630.027963][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 1630.037673][ C0] 3 locks held by syz.4.332/6756: [ 1630.042773][ C0] 5 locks held by kworker/u8:11/8523: [ 1630.048168][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1630.059266][ C0] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1630.069925][ C0] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1630.079413][ C0] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1630.089552][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1630.100548][ C0] 2 locks held by syz.2.1378/11061: [ 1630.105868][ C0] 1 lock held by segctord/11071: [ 1630.110872][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1630.121863][ C0] 3 locks held by kworker/u8:3/13051: [ 1630.127290][ C0] #0: ffff88802a913148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1630.138980][ C0] #1: ffffc90003277d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1630.151891][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 1630.161498][ C0] 4 locks held by kworker/u8:6/13220: [ 1630.166899][ C0] #0: ffff88802b31e148 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1630.178353][ C0] #1: ffffc9000350fd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1630.191625][ C0] #2: ffffc90000007ca0 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1630.201842][ C0] #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1630.211803][ C0] 1 lock held by syz-executor/14414: [ 1630.217100][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.226627][ C0] 1 lock held by syz-executor/14482: [ 1630.232003][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.241619][ C0] 4 locks held by syz-executor/14502: [ 1630.247105][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1630.256110][ C0] #1: ffff888022e80088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1630.265983][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1630.276214][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1630.286700][ C0] 4 locks held by syz-executor/14506: [ 1630.292135][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1630.301666][ C0] #1: ffff88802cdd4488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1630.311536][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1630.321686][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1630.332171][ C0] 7 locks held by syz-executor/14508: [ 1630.337570][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1630.346590][ C0] #1: ffff88802ce9d488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1630.356787][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1630.366927][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1630.377322][ C0] #4: ffff888064d730e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1630.387975][ C0] #5: ffff888064d72250 (&devlink->lock_key#92){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1630.398211][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1630.407230][ C0] 1 lock held by syz-executor/14539: [ 1630.412590][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.422113][ C0] 1 lock held by syz-executor/14542: [ 1630.427418][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.436939][ C0] 1 lock held by syz-executor/14545: [ 1630.442279][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.451808][ C0] 1 lock held by syz-executor/14549: [ 1630.457113][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.466630][ C0] 1 lock held by syz-executor/14551: [ 1630.472077][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1630.481606][ C0] [ 1630.483946][ C0] ============================================= [ 1630.483946][ C0] [ 1631.100707][T14482] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1631.280615][T11061] bio_check_eod: 112510 callbacks suppressed [ 1631.280636][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.280636][T11061] loop2: rw=3, sector=165291247710608, nr_sectors = 8388600 limit=0 [ 1631.391692][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.391692][T11061] loop2: rw=3, sector=165291256099208, nr_sectors = 8388600 limit=0 [ 1631.480135][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.480135][T11061] loop2: rw=3, sector=165291264487808, nr_sectors = 8388600 limit=0 [ 1631.540112][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.540112][T11061] loop2: rw=3, sector=165291272876408, nr_sectors = 8388600 limit=0 [ 1631.610052][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.610052][T11061] loop2: rw=3, sector=165291281265008, nr_sectors = 8388600 limit=0 [ 1631.670367][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.670367][T11061] loop2: rw=3, sector=165291289653608, nr_sectors = 8388600 limit=0 [ 1631.700141][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.700141][T11061] loop2: rw=3, sector=165291298042208, nr_sectors = 8388600 limit=0 [ 1631.760144][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.760144][T11061] loop2: rw=3, sector=165291306430808, nr_sectors = 8388600 limit=0 [ 1631.821120][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.821120][T11061] loop2: rw=3, sector=165291314819408, nr_sectors = 8388600 limit=0 [ 1631.872245][T11061] syz.2.1378: attempt to access beyond end of device [ 1631.872245][T11061] loop2: rw=3, sector=165291323208008, nr_sectors = 8388600 limit=0 [ 1633.820185][T14542] chnl_net:caif_netlink_parms(): no params data found [ 1633.897924][T14539] chnl_net:caif_netlink_parms(): no params data found [ 1633.916638][T14551] chnl_net:caif_netlink_parms(): no params data found [ 1633.944454][T14549] chnl_net:caif_netlink_parms(): no params data found [ 1633.969353][T14545] chnl_net:caif_netlink_parms(): no params data found [ 1635.175632][T14542] bridge0: port 1(bridge_slave_0) entered blocking state [ 1635.190215][T14542] bridge0: port 1(bridge_slave_0) entered disabled state [ 1635.197502][T14542] bridge_slave_0: entered allmulticast mode [ 1635.221625][T14542] bridge_slave_0: entered promiscuous mode [ 1635.241613][T14542] bridge0: port 2(bridge_slave_1) entered blocking state [ 1635.248792][T14542] bridge0: port 2(bridge_slave_1) entered disabled state [ 1635.271266][T14542] bridge_slave_1: entered allmulticast mode [ 1635.290445][T14542] bridge_slave_1: entered promiscuous mode [ 1635.450939][T14551] bridge0: port 1(bridge_slave_0) entered blocking state [ 1635.458119][T14551] bridge0: port 1(bridge_slave_0) entered disabled state [ 1635.485685][T14551] bridge_slave_0: entered allmulticast mode [ 1635.501664][T14551] bridge_slave_0: entered promiscuous mode [ 1635.533464][T14549] bridge0: port 1(bridge_slave_0) entered blocking state [ 1635.541356][T14549] bridge0: port 1(bridge_slave_0) entered disabled state [ 1635.548657][T14549] bridge_slave_0: entered allmulticast mode [ 1635.581585][T14549] bridge_slave_0: entered promiscuous mode [ 1635.590907][T14545] bridge0: port 1(bridge_slave_0) entered blocking state [ 1635.598059][T14545] bridge0: port 1(bridge_slave_0) entered disabled state [ 1635.640341][T14545] bridge_slave_0: entered allmulticast mode [ 1635.664853][T14545] bridge_slave_0: entered promiscuous mode [ 1635.775893][T14542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1635.814930][T14539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1635.838733][T14539] bridge0: port 1(bridge_slave_0) entered disabled state [ 1635.846786][T14539] bridge_slave_0: entered allmulticast mode [ 1635.856206][T14539] bridge_slave_0: entered promiscuous mode [ 1635.864559][T14551] bridge0: port 2(bridge_slave_1) entered blocking state [ 1635.890433][T14551] bridge0: port 2(bridge_slave_1) entered disabled state [ 1635.920968][T14551] bridge_slave_1: entered allmulticast mode [ 1635.950635][T14551] bridge_slave_1: entered promiscuous mode [ 1636.002902][T14549] bridge0: port 2(bridge_slave_1) entered blocking state [ 1636.010380][T14549] bridge0: port 2(bridge_slave_1) entered disabled state [ 1636.017781][T14549] bridge_slave_1: entered allmulticast mode [ 1636.042433][T14549] bridge_slave_1: entered promiscuous mode [ 1636.092100][T14545] bridge0: port 2(bridge_slave_1) entered blocking state [ 1636.106872][T14545] bridge0: port 2(bridge_slave_1) entered disabled state [ 1636.130286][T14545] bridge_slave_1: entered allmulticast mode [ 1636.137766][T14545] bridge_slave_1: entered promiscuous mode [ 1636.191086][T14542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1636.300108][T11061] bio_check_eod: 94185 callbacks suppressed [ 1636.300131][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.300131][T11061] loop2: rw=3, sector=166081411887608, nr_sectors = 8388600 limit=0 [ 1636.344899][T14539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1636.370451][T14539] bridge0: port 2(bridge_slave_1) entered disabled state [ 1636.377783][T14539] bridge_slave_1: entered allmulticast mode [ 1636.383751][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383751][T11061] loop2: rw=3, sector=166081420276208, nr_sectors = 8388600 limit=0 [ 1636.383802][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383802][T11061] loop2: rw=3, sector=166081428664808, nr_sectors = 8388600 limit=0 [ 1636.383845][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383845][T11061] loop2: rw=3, sector=166081437053408, nr_sectors = 8388600 limit=0 [ 1636.383898][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383898][T11061] loop2: rw=3, sector=166081445442008, nr_sectors = 8388600 limit=0 [ 1636.383940][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383940][T11061] loop2: rw=3, sector=166081453830608, nr_sectors = 8388600 limit=0 [ 1636.383982][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.383982][T11061] loop2: rw=3, sector=166081462219208, nr_sectors = 8388600 limit=0 [ 1636.384021][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.384021][T11061] loop2: rw=3, sector=166081470607808, nr_sectors = 8388600 limit=0 [ 1636.384060][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.384060][T11061] loop2: rw=3, sector=166081478996408, nr_sectors = 8388600 limit=0 [ 1636.384103][T11061] syz.2.1378: attempt to access beyond end of device [ 1636.384103][T11061] loop2: rw=3, sector=166081487385008, nr_sectors = 8388600 limit=0 [ 1636.602047][T14539] bridge_slave_1: entered promiscuous mode [ 1636.811995][T14551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1636.851261][T14549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1636.874585][T14549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1637.002583][T14542] team0: Port device team_slave_0 added [ 1637.027519][T14539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1637.153487][T14551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1637.255299][T14545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1637.300664][T14545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1637.313519][T14542] team0: Port device team_slave_1 added [ 1637.342926][T14539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1637.454523][T14549] team0: Port device team_slave_0 added [ 1637.483285][T14549] team0: Port device team_slave_1 added [ 1637.664513][T14539] team0: Port device team_slave_0 added [ 1637.696660][T14551] team0: Port device team_slave_0 added [ 1637.737383][T14551] team0: Port device team_slave_1 added [ 1637.775846][T14549] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1637.793405][T14549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1637.870213][T14549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1637.884833][T14542] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1637.901049][T14542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1637.950186][T14542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1637.983057][T14542] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1638.000636][T14542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.050328][T14542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1638.122370][T14545] team0: Port device team_slave_0 added [ 1638.144720][T14539] team0: Port device team_slave_1 added [ 1638.270816][T14549] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1638.277806][T14549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.350059][T14549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1638.397860][T14545] team0: Port device team_slave_1 added [ 1638.533435][T14551] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1638.541255][T14551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.600070][T14551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1638.622680][T14551] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1638.629679][T14551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.701044][T14551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1638.818840][T14545] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1638.825979][T14545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.880454][T14545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1638.904778][T14539] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1638.930313][T14539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1638.986783][T14539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1639.014883][T14539] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1639.030581][T14539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1639.078583][T14539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1639.157335][T14545] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1639.170148][T14545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1639.230096][T14545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1639.327923][T14542] hsr_slave_0: entered promiscuous mode [ 1639.351916][T14542] hsr_slave_1: entered promiscuous mode [ 1639.507303][T14545] hsr_slave_0: entered promiscuous mode [ 1639.531058][T14545] hsr_slave_1: entered promiscuous mode [ 1639.537980][T14545] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1639.560100][T14545] Cannot create hsr debugfs directory [ 1639.734841][T14549] hsr_slave_0: entered promiscuous mode [ 1639.769533][T14549] hsr_slave_1: entered promiscuous mode [ 1639.791954][T14549] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1639.799577][T14549] Cannot create hsr debugfs directory [ 1639.858497][T14551] hsr_slave_0: entered promiscuous mode [ 1639.865587][T14551] hsr_slave_1: entered promiscuous mode [ 1639.881243][T14551] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1639.901393][T14551] Cannot create hsr debugfs directory [ 1639.975077][T14539] hsr_slave_0: entered promiscuous mode [ 1640.024396][T14539] hsr_slave_1: entered promiscuous mode [ 1640.041458][T14539] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1640.049329][T14539] Cannot create hsr debugfs directory [ 1641.320049][T11061] bio_check_eod: 109901 callbacks suppressed [ 1641.320069][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.320069][T11061] loop2: rw=3, sector=167003411302208, nr_sectors = 8388600 limit=0 [ 1641.359436][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.359436][T11061] loop2: rw=3, sector=167003419690808, nr_sectors = 8388600 limit=0 [ 1641.375906][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.375906][T11061] loop2: rw=3, sector=167003428079408, nr_sectors = 8388600 limit=0 [ 1641.391542][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.391542][T11061] loop2: rw=3, sector=167003436468008, nr_sectors = 8388600 limit=0 [ 1641.418669][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.418669][T11061] loop2: rw=3, sector=167003444856608, nr_sectors = 8388600 limit=0 [ 1641.440530][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.440530][T11061] loop2: rw=3, sector=167003453245208, nr_sectors = 8388600 limit=0 [ 1641.455879][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.455879][T11061] loop2: rw=3, sector=167003461633808, nr_sectors = 8388600 limit=0 [ 1641.472384][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.472384][T11061] loop2: rw=3, sector=167003470022408, nr_sectors = 8388600 limit=0 [ 1641.499730][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.499730][T11061] loop2: rw=3, sector=167003478411008, nr_sectors = 8388600 limit=0 [ 1641.515984][T11061] syz.2.1378: attempt to access beyond end of device [ 1641.515984][T11061] loop2: rw=3, sector=167003486799608, nr_sectors = 8388600 limit=0 [ 1643.225831][ T8523] bridge_slave_1: left allmulticast mode [ 1643.243405][ T8523] bridge_slave_1: left promiscuous mode [ 1643.249238][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state [ 1643.293399][ T8523] bridge_slave_0: left allmulticast mode [ 1643.299273][ T8523] bridge_slave_0: left promiscuous mode [ 1643.321089][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state [ 1643.361582][ T8523] bridge_slave_1: left allmulticast mode [ 1643.367319][ T8523] bridge_slave_1: left promiscuous mode [ 1643.380777][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state [ 1643.403111][ T8523] bridge_slave_0: left allmulticast mode [ 1643.408805][ T8523] bridge_slave_0: left promiscuous mode [ 1643.430548][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state [ 1643.443303][ T8523] bridge_slave_1: left allmulticast mode [ 1643.449080][ T8523] bridge_slave_1: left promiscuous mode [ 1643.473011][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state [ 1643.492515][ T8523] bridge_slave_0: left allmulticast mode [ 1643.498219][ T8523] bridge_slave_0: left promiscuous mode [ 1643.520261][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state [ 1643.534190][ T8523] bridge_slave_1: left allmulticast mode [ 1643.540958][ T8523] bridge_slave_1: left promiscuous mode [ 1643.546728][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state [ 1643.581657][ T8523] bridge_slave_0: left allmulticast mode [ 1643.587376][ T8523] bridge_slave_0: left promiscuous mode [ 1643.620194][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state [ 1643.643021][ T8523] bridge_slave_1: left allmulticast mode [ 1643.648732][ T8523] bridge_slave_1: left promiscuous mode [ 1643.669520][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state [ 1643.692202][ T8523] bridge_slave_0: left allmulticast mode [ 1643.697998][ T8523] bridge_slave_0: left promiscuous mode [ 1643.710326][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state [ 1645.321530][ T8523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1645.333397][ T8523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1645.361944][ T8523] bond0 (unregistering): Released all slaves [ 1645.411810][ T8523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1645.441463][ T8523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1645.462696][ T8523] bond0 (unregistering): Released all slaves [ 1645.504129][ T8523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1645.553651][ T8523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1645.573874][ T8523] bond0 (unregistering): Released all slaves [ 1645.612863][ T8523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1645.651306][ T8523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1645.681045][ T8523] bond0 (unregistering): Released all slaves [ 1646.323655][ T8523] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1646.330353][T11061] bio_check_eod: 121291 callbacks suppressed [ 1646.330373][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.330373][T11061] loop2: rw=3, sector=168020956870808, nr_sectors = 8388600 limit=0 [ 1646.357801][ T8523] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1646.373955][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.373955][T11061] loop2: rw=3, sector=168020965259408, nr_sectors = 8388600 limit=0 [ 1646.380951][ T8523] bond0 (unregistering): Released all slaves [ 1646.389071][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.389071][T11061] loop2: rw=3, sector=168020973648008, nr_sectors = 8388600 limit=0 [ 1646.430665][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.430665][T11061] loop2: rw=3, sector=168020982036608, nr_sectors = 8388600 limit=0 [ 1646.480155][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.480155][T11061] loop2: rw=3, sector=168020990425208, nr_sectors = 8388600 limit=0 [ 1646.511859][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.511859][T11061] loop2: rw=3, sector=168020998813808, nr_sectors = 8388600 limit=0 [ 1646.540811][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.540811][T11061] loop2: rw=3, sector=168021007202408, nr_sectors = 8388600 limit=0 [ 1646.591762][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.591762][T11061] loop2: rw=3, sector=168021015591008, nr_sectors = 8388600 limit=0 [ 1646.637853][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.637853][T11061] loop2: rw=3, sector=168021023979608, nr_sectors = 8388600 limit=0 [ 1646.686762][T11061] syz.2.1378: attempt to access beyond end of device [ 1646.686762][T11061] loop2: rw=3, sector=168021032368208, nr_sectors = 8388600 limit=0 [ 1647.069368][ T8523] hsr_slave_0: left promiscuous mode [ 1647.116223][ T8523] hsr_slave_1: left promiscuous mode [ 1647.143231][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1647.159782][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1647.255323][ T8523] hsr_slave_0: left promiscuous mode [ 1647.278151][ T8523] hsr_slave_1: left promiscuous mode [ 1647.340157][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1647.390885][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1647.481339][ T8523] hsr_slave_0: left promiscuous mode [ 1647.510601][ T8523] hsr_slave_1: left promiscuous mode [ 1647.517030][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1647.541286][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1647.589789][ T8523] hsr_slave_0: left promiscuous mode [ 1647.630083][ T8523] hsr_slave_1: left promiscuous mode [ 1647.636415][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1647.657481][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1647.690048][ T8523] hsr_slave_0: left promiscuous mode [ 1647.710527][ T8523] hsr_slave_1: left promiscuous mode [ 1647.717002][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1647.741018][ T8523] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1647.842761][ T8523] veth1_vlan: left promiscuous mode [ 1647.848145][ T8523] veth0_vlan: left promiscuous mode [ 1648.418896][T13587] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1648.442711][T13587] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1648.461282][T13587] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1648.469775][T13587] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1648.478555][T13587] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1648.486338][T13587] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1648.801640][ T8523] team0 (unregistering): Port device team_slave_1 removed [ 1648.920850][ T8523] team0 (unregistering): Port device team_slave_0 removed [ 1649.984544][ T8523] team0 (unregistering): Port device team_slave_1 removed [ 1650.100722][ T8523] team0 (unregistering): Port device team_slave_0 removed [ 1650.550201][T13586] Bluetooth: hci0: command tx timeout [ 1651.266320][ T8523] team0 (unregistering): Port device team_slave_1 removed [ 1651.340078][T11061] bio_check_eod: 105294 callbacks suppressed [ 1651.340101][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.340101][T11061] loop2: rw=3, sector=168904310005208, nr_sectors = 8388600 limit=0 [ 1651.374827][ T8523] team0 (unregistering): Port device team_slave_0 removed [ 1651.384806][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.384806][T11061] loop2: rw=3, sector=168904318393808, nr_sectors = 8388600 limit=0 [ 1651.414051][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.414051][T11061] loop2: rw=3, sector=168904326782408, nr_sectors = 8388600 limit=0 [ 1651.438690][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.438690][T11061] loop2: rw=3, sector=168904335171008, nr_sectors = 8388600 limit=0 [ 1651.470239][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.470239][T11061] loop2: rw=3, sector=168904343559608, nr_sectors = 8388600 limit=0 [ 1651.499023][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.499023][T11061] loop2: rw=3, sector=168904351948208, nr_sectors = 8388600 limit=0 [ 1651.528369][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.528369][T11061] loop2: rw=3, sector=168904360336808, nr_sectors = 8388600 limit=0 [ 1651.550085][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.550085][T11061] loop2: rw=3, sector=168904368725408, nr_sectors = 8388600 limit=0 [ 1651.579723][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.579723][T11061] loop2: rw=3, sector=168904377114008, nr_sectors = 8388600 limit=0 [ 1651.610245][T11061] syz.2.1378: attempt to access beyond end of device [ 1651.610245][T11061] loop2: rw=3, sector=168904385502608, nr_sectors = 8388600 limit=0 [ 1652.310446][ C0] DEBUG: holding rtnl_mutex for 529 jiffies. [ 1652.316507][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1652.326877][ C0] Workqueue: netns cleanup_net [ 1652.331724][ C0] Call Trace: [ 1652.335019][ C0] [ 1652.337962][ C0] __schedule+0x1800/0x4a60 [ 1652.342586][ C0] ? __pfx___schedule+0x10/0x10 [ 1652.347474][ C0] ? __pfx_lock_release+0x10/0x10 [ 1652.352601][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1652.358624][ C0] ? kthread_data+0x52/0xd0 [ 1652.363197][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1652.368334][ C0] ? schedule+0x90/0x320 [ 1652.372646][ C0] schedule+0x14b/0x320 [ 1652.376838][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1652.382548][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1652.389011][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1652.394370][ C0] ? __pfx___might_resched+0x10/0x10 [ 1652.399683][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1652.405742][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1652.411888][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1652.418273][ C0] synchronize_rcu+0x11b/0x360 [ 1652.423110][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1652.428434][ C0] ? __phys_addr+0x105/0x170 [ 1652.433189][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1652.438603][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1652.444591][ C0] ? rcu_is_watching+0x15/0xb0 [ 1652.449392][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1652.454067][ C0] __qdisc_destroy+0x165/0x410 [ 1652.459040][ C0] dev_shutdown+0x9b/0x450 [ 1652.463619][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1652.470033][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1652.476926][ C0] ? batadv_hash_remove+0x504/0x680 [ 1652.482227][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1652.488344][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1652.494669][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1652.500467][ C0] ? __pfx___might_resched+0x10/0x10 [ 1652.505884][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1652.512143][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1652.517461][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1652.523939][ C0] cleanup_net+0x89d/0xcc0 [ 1652.528398][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1652.533426][ C0] ? process_scheduled_works+0x945/0x1830 [ 1652.539191][ C0] process_scheduled_works+0xa2c/0x1830 [ 1652.544841][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1652.550897][ C0] ? assign_work+0x364/0x3d0 [ 1652.555520][ C0] worker_thread+0x86d/0xd40 [ 1652.560187][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1652.565253][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1652.570436][ C0] kthread+0x2f0/0x390 [ 1652.574524][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1652.579655][ C0] ? __pfx_kthread+0x10/0x10 [ 1652.584311][ C0] ret_from_fork+0x4b/0x80 [ 1652.588761][ C0] ? __pfx_kthread+0x10/0x10 [ 1652.593421][ C0] ret_from_fork_asm+0x1a/0x30 [ 1652.598235][ C0] [ 1652.601320][ C0] DEBUG: waiting rtnl_mutex for 553 jiffies. [ 1652.607309][ C0] task:syz-executor state:D stack:20496 pid:14549 tgid:14549 ppid:14547 flags:0x00004002 [ 1652.617809][ C0] Call Trace: [ 1652.621142][ C0] [ 1652.624180][ C0] __schedule+0x1800/0x4a60 [ 1652.628747][ C0] ? __pfx___schedule+0x10/0x10 [ 1652.633680][ C0] ? __pfx_lock_release+0x10/0x10 [ 1652.638738][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1652.644329][ C0] ? schedule+0x90/0x320 [ 1652.648599][ C0] schedule+0x14b/0x320 [ 1652.652829][ C0] schedule_preempt_disabled+0x13/0x30 [ 1652.658324][ C0] __mutex_lock+0x6a4/0xd70 [ 1652.662901][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1652.668262][ C0] ? __mutex_lock+0x527/0xd70 [ 1652.672994][ C0] ? nsim_destroy+0x71/0x5c0 [ 1652.677701][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1652.682788][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1652.688916][ C0] ? get_rtnl_holder+0x144/0x190 [ 1652.693959][ C0] nsim_destroy+0x71/0x5c0 [ 1652.698421][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1652.703650][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1652.709162][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1652.714531][ C0] nsim_drv_remove+0x58/0x160 [ 1652.719273][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1652.725422][ C0] bus_remove_device+0x34f/0x420 [ 1652.730525][ C0] device_del+0x57a/0x9b0 [ 1652.734896][ C0] ? __pfx_device_del+0x10/0x10 [ 1652.739801][ C0] device_unregister+0x20/0xc0 [ 1652.744730][ C0] del_device_store+0x363/0x480 [ 1652.749706][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1652.755158][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1652.760065][ C0] ? bus_attr_store+0x4f/0xa0 [ 1652.764774][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1652.770035][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1652.775358][ C0] vfs_write+0xa72/0xc90 [ 1652.779726][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1652.785602][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1652.790461][ C0] ksys_write+0x1a0/0x2c0 [ 1652.794839][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1652.799727][ C0] ? do_syscall_64+0x100/0x230 [ 1652.804572][ C0] ? do_syscall_64+0xb6/0x230 [ 1652.809373][ C0] do_syscall_64+0xf3/0x230 [ 1652.813944][ C0] ? clear_bhb_loop+0x35/0x90 [ 1652.818657][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1652.824629][ C0] RIP: 0033:0x7fa29c775e1f [ 1652.829072][ C0] RSP: 002b:00007ffd629eb440 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1652.837575][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa29c775e1f [ 1652.845701][ C0] RDX: 0000000000000001 RSI: 00007ffd629eb490 RDI: 0000000000000005 [ 1652.853758][ C0] RBP: 00007fa29c7e5940 R08: 0000000000000000 R09: 00007ffd629eb297 [ 1652.861942][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1652.869944][ C0] R13: 00007ffd629eb490 R14: 00007fa29d434620 R15: 0000000000000003 [ 1652.878025][ C0] [ 1652.881104][ C0] [ 1652.881104][ C0] Showing all locks held in the system: [ 1652.888878][ C0] 2 locks held by getty/4979: [ 1652.893627][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1652.903496][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1652.913711][ C0] 3 locks held by syz.4.332/6756: [ 1652.918856][ C0] 5 locks held by kworker/u8:11/8523: [ 1652.924377][ C0] 2 locks held by syz.2.1378/11061: [ 1652.929592][ C0] 1 lock held by segctord/11071: [ 1652.934629][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1652.945724][ C0] 3 locks held by kworker/u8:3/13051: [ 1652.951162][ C0] 3 locks held by kworker/0:1/13690: [ 1652.956461][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1652.967543][ C0] #1: ffffc900034b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1652.981413][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1652.990510][ C0] 4 locks held by syz-executor/14539: [ 1652.995995][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1653.006958][ C0] #1: ffff88802d25e888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1653.016843][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1653.027439][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1653.038011][ C0] 4 locks held by syz-executor/14542: [ 1653.043740][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1653.052768][ C0] #1: ffff88807d4ac888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1653.062716][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1653.072938][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1653.083694][ C0] 4 locks held by syz-executor/14545: [ 1653.089085][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1653.098107][ C0] #1: ffff8880566a3088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1653.108018][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1653.118165][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1653.128648][ C0] 7 locks held by syz-executor/14549: [ 1653.134090][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1653.143147][ C0] #1: ffff88807dc56c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1653.153099][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1653.163603][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1653.174206][ C0] #4: ffff88806a5350e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1653.185044][ C0] #5: ffff88806c1e5250 (&devlink->lock_key#97){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1653.195308][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1653.204362][ C0] 4 locks held by syz-executor/14551: [ 1653.209772][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1653.218808][ C0] #1: ffff88802ea9b088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1653.228696][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1653.238857][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1653.249314][ C0] 1 lock held by syz-executor/14584: [ 1653.254753][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1653.264304][ C0] 2 locks held by syz-executor/14586: [ 1653.270016][ C0] #0: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1653.280991][ C0] #1: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1653.293146][ C0] [ 1653.295498][ C0] ============================================= [ 1653.295498][ C0] [ 1653.314500][T13586] Bluetooth: hci0: command tx timeout [ 1653.384823][T13587] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1653.400418][T13587] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1653.412241][T13587] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1653.434979][T13587] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1653.443119][T13587] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1653.450834][T13587] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1653.575556][ T8523] team0 (unregistering): Port device team_slave_1 removed [ 1653.736308][ T8523] team0 (unregistering): Port device team_slave_0 removed [ 1654.231308][ T30] INFO: task segctord:11071 blocked for more than 143 seconds. [ 1654.238932][ T30] Not tainted 6.11.0-rc1-next-20240729-syzkaller #0 [ 1654.267106][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1654.290179][ T30] task:segctord state:D stack:27440 pid:11071 tgid:11071 ppid:2 flags:0x00004000 [ 1654.310250][ C0] DEBUG: waiting rtnl_mutex for 647 jiffies. [ 1654.316302][ C0] task:kworker/0:1 state:D stack:23376 pid:13690 tgid:13690 ppid:2 flags:0x00004000 [ 1654.327030][ C0] Workqueue: events linkwatch_event [ 1654.332352][ C0] Call Trace: [ 1654.335666][ C0] [ 1654.338730][ C0] __schedule+0x1800/0x4a60 [ 1654.343420][ C0] ? __pfx___schedule+0x10/0x10 [ 1654.343741][ T30] Call Trace: [ 1654.348573][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1654.358002][ C0] ? __pfx_lock_release+0x10/0x10 [ 1654.363291][ C0] ? kick_pool+0x1bd/0x620 [ 1654.367761][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1654.373058][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1654.378318][ C0] ? schedule+0x90/0x320 [ 1654.382730][ C0] schedule+0x14b/0x320 [ 1654.386928][ C0] schedule_preempt_disabled+0x13/0x30 [ 1654.388289][ T30] [ 1654.392451][ C0] __mutex_lock+0x6a4/0xd70 [ 1654.392482][ C0] ? __mutex_lock+0x527/0xd70 [ 1654.392507][ C0] ? linkwatch_event+0xe/0x60 [ 1654.392533][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1654.392562][ C0] ? get_rtnl_holder+0x144/0x190 [ 1654.412879][ T30] __schedule+0x1800/0x4a60 [ 1654.414689][ C0] ? process_scheduled_works+0x945/0x1830 [ 1654.419583][ T30] ? __pfx___schedule+0x10/0x10 [ 1654.424106][ C0] linkwatch_event+0xe/0x60 [ 1654.424133][ C0] process_scheduled_works+0xa2c/0x1830 [ 1654.424195][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1654.424233][ C0] ? assign_work+0x364/0x3d0 [ 1654.424267][ C0] worker_thread+0x86d/0xd40 [ 1654.424302][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1654.456407][ T30] ? __pfx_lock_release+0x10/0x10 [ 1654.460955][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1654.460993][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1654.461024][ C0] kthread+0x2f0/0x390 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1654.461046][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1654.461074][ C0] ? __pfx_kthread+0x10/0x10 [ 1654.461097][ C0] ret_from_fork+0x4b/0x80 [ 1654.461125][ C0] ? __pfx_kthread+0x10/0x10 [ 1654.461145][ C0] ret_from_fork_asm+0x1a/0x30 [ 1654.461192][ C0] [ 1654.479513][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1654.482331][ C0] DEBUG: waiting rtnl_mutex for 594 jiffies. [ 1654.482346][ C0] task:syz-executor state:D stack:24992 pid:14584 tgid:14584 ppid:1 flags:0x00000004 [ 1654.482385][ C0] Call Trace: [ 1654.482395][ C0] [ 1654.482410][ C0] __schedule+0x1800/0x4a60 [ 1654.482459][ C0] ? __pfx___schedule+0x10/0x10 [ 1654.482489][ C0] ? __pfx_lock_release+0x10/0x10 [ 1654.482519][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1654.556154][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1654.561610][ C0] ? schedule+0x90/0x320 [ 1654.561643][ C0] schedule+0x14b/0x320 [ 1654.561676][ C0] schedule_preempt_disabled+0x13/0x30 [ 1654.561707][ C0] __mutex_lock+0x6a4/0xd70 [ 1654.561734][ C0] ? __mutex_lock+0x527/0xd70 [ 1654.561759][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1654.561793][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1654.561828][ C0] ? get_rtnl_holder+0x144/0x190 [ 1654.561853][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1654.561881][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1654.569576][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 1654.572475][ C0] ? __lock_acquire+0x1384/0x2050 [ 1654.572510][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1654.572555][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1654.572578][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1654.580118][ T30] ? schedule+0x90/0x320 [ 1654.582231][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1654.586651][ T30] schedule+0x14b/0x320 [ 1654.591391][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1654.591418][ C0] netlink_unicast+0x7f6/0x990 [ 1654.591456][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1654.591483][ C0] ? __virt_addr_valid+0x183/0x530 [ 1654.608451][ T30] schedule_preempt_disabled+0x13/0x30 [ 1654.611586][ C0] ? __check_object_size+0x49c/0x900 [ 1654.611614][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1654.611645][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1654.611683][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1654.611709][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1654.611738][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1654.611759][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1654.611784][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1654.616990][ T30] rwsem_down_write_slowpath+0xeeb/0x13b0 [ 1654.622105][ C0] __sock_sendmsg+0x221/0x270 [ 1654.622145][ C0] __sys_sendto+0x3a4/0x4f0 [ 1654.622183][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1654.622234][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1654.622269][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1654.622300][ C0] ? exc_page_fault+0x590/0x8c0 [ 1654.622331][ C0] __x64_sys_sendto+0xde/0x100 [ 1654.622360][ C0] do_syscall_64+0xf3/0x230 [ 1654.632975][ T30] ? rwsem_down_write_slowpath+0xa06/0x13b0 [ 1654.637595][ C0] ? clear_bhb_loop+0x35/0x90 [ 1654.655767][ T30] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 1654.656895][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1654.662348][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 1654.666862][ C0] RIP: 0033:0x7fb00bd7902c [ 1654.690229][ T30] down_write+0x1d7/0x220 [ 1654.693324][ C0] RSP: 002b:00007ffef6cc0c80 EFLAGS: 00000293 [ 1654.698039][ T30] ? __pfx_down_write+0x10/0x10 [ 1654.703379][ C0] ORIG_RAX: 000000000000002c [ 1654.703401][ C0] RAX: ffffffffffffffda RBX: 00007fb00ca34620 RCX: 00007fb00bd7902c [ 1654.703419][ C0] RDX: 0000000000000028 RSI: 00007fb00ca34670 RDI: 0000000000000003 [ 1654.703436][ C0] RBP: 0000000000000000 R08: 00007ffef6cc0cd4 R09: 000000000000000c [ 1654.703452][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1654.703468][ C0] R13: 0000000000000000 R14: 00007fb00ca34670 R15: 0000000000000000 [ 1654.703502][ C0] [ 1654.703515][ C0] DEBUG: holding rtnl_mutex for 768 jiffies. [ 1654.703529][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1654.703569][ C0] Workqueue: netns cleanup_net [ 1654.735427][ T30] ? trace_nilfs2_transaction_transition+0x9e/0x230 [ 1654.739502][ C0] [ 1654.756936][ T30] nilfs_transaction_lock+0x25d/0x4f0 [ 1654.761748][ C0] Call Trace: [ 1654.761760][ C0] [ 1654.761774][ C0] __schedule+0x1800/0x4a60 [ 1654.761826][ C0] ? __pfx___schedule+0x10/0x10 [ 1654.761860][ C0] ? __pfx_lock_release+0x10/0x10 [ 1654.761888][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1654.761923][ C0] ? kthread_data+0x52/0xd0 [ 1654.761953][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1654.761981][ C0] ? schedule+0x90/0x320 [ 1654.762008][ C0] schedule+0x14b/0x320 [ 1654.766836][ T30] nilfs_segctor_thread+0x551/0x11b0 [ 1654.771270][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1654.771300][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1654.771341][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1654.771366][ C0] ? __pfx___might_resched+0x10/0x10 [ 1654.771395][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1654.771427][ C0] ? free_percpu+0xafd/0x1120 [ 1654.771464][ C0] netdev_rx_handler_unregister+0xa0/0x110 [ 1654.789802][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1654.794084][ C0] macvlan_port_destroy+0x146/0x690 [ 1654.794115][ C0] ? ip6_route_dev_notify+0x99/0x600 [ 1654.794141][ C0] ? __pfx_macvlan_port_destroy+0x10/0x10 [ 1654.794174][ C0] ? __pfx_macvlan_uninit+0x10/0x10 [ 1654.794197][ C0] unregister_netdevice_many_notify+0x15ea/0x1c40 [ 1654.794242][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1654.794276][ C0] ? batadv_hash_remove+0x504/0x680 [ 1654.794315][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1654.800360][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 1654.803746][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1654.807999][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1654.814087][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1654.814122][ C0] ? __pfx___might_resched+0x10/0x10 [ 1654.814156][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1654.832331][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1654.839651][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1654.839685][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1654.839711][ C0] cleanup_net+0x89d/0xcc0 [ 1654.839740][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1654.839773][ C0] ? process_scheduled_works+0x945/0x1830 [ 1654.839799][ C0] process_scheduled_works+0xa2c/0x1830 [ 1654.839856][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1654.839894][ C0] ? assign_work+0x364/0x3d0 [ 1654.839928][ C0] worker_thread+0x86d/0xd40 [ 1654.840009][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1654.840041][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1654.850141][ T30] ? __kthread_parkme+0x169/0x1d0 [ 1654.856079][ C0] kthread+0x2f0/0x390 [ 1654.902286][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 1654.905564][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1654.908485][ T30] kthread+0x2f0/0x390 [ 1654.913004][ C0] ? __pfx_kthread+0x10/0x10 [ 1654.913032][ C0] ret_from_fork+0x4b/0x80 [ 1654.913058][ C0] ? __pfx_kthread+0x10/0x10 [ 1654.913078][ C0] ret_from_fork_asm+0x1a/0x30 [ 1654.913123][ C0] [ 1654.930171][ T30] ? __pfx_nilfs_segctor_thread+0x10/0x10 [ 1654.933440][ C0] DEBUG: waiting rtnl_mutex for 786 jiffies. [ 1654.938494][ T30] ? __pfx_kthread+0x10/0x10 [ 1654.942744][ C0] task:syz-executor state:D stack:20496 pid:14549 tgid:14549 ppid:1 flags:0x00004006 [ 1654.942785][ C0] Call Trace: [ 1654.942795][ C0] [ 1654.942810][ C0] __schedule+0x1800/0x4a60 [ 1654.942867][ C0] ? __pfx___schedule+0x10/0x10 [ 1654.942900][ C0] ? __pfx_lock_release+0x10/0x10 [ 1654.942932][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1654.942968][ C0] ? schedule+0x90/0x320 [ 1654.942995][ C0] schedule+0x14b/0x320 [ 1654.943023][ C0] schedule_preempt_disabled+0x13/0x30 [ 1654.943051][ C0] __mutex_lock+0x6a4/0xd70 [ 1654.943072][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1654.943099][ C0] ? __mutex_lock+0x527/0xd70 [ 1654.943122][ C0] ? nsim_destroy+0x71/0x5c0 [ 1654.943158][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1654.943183][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1654.943218][ C0] ? get_rtnl_holder+0x144/0x190 [ 1654.943248][ C0] nsim_destroy+0x71/0x5c0 [ 1654.943285][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1654.943309][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1654.964821][ T30] ret_from_fork+0x4b/0x80 [ 1654.969994][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1654.970025][ C0] nsim_drv_remove+0x58/0x160 [ 1654.970048][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1654.970087][ C0] bus_remove_device+0x34f/0x420 [ 1654.970126][ C0] device_del+0x57a/0x9b0 [ 1654.970167][ C0] ? __pfx_device_del+0x10/0x10 [ 1654.970203][ C0] device_unregister+0x20/0xc0 [ 1654.970228][ C0] del_device_store+0x363/0x480 [ 1654.970260][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1654.970291][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1654.975642][ T30] ? __pfx_kthread+0x10/0x10 [ 1654.981657][ C0] ? bus_attr_store+0x4f/0xa0 [ 1654.981684][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1654.981709][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1654.981739][ C0] vfs_write+0xa72/0xc90 [ 1654.998992][ T30] ret_from_fork_asm+0x1a/0x30 [ 1655.003763][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1655.003791][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1655.003842][ C0] ksys_write+0x1a0/0x2c0 [ 1655.003876][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1655.009196][ T30] [ 1655.014909][ C0] ? do_syscall_64+0x100/0x230 [ 1655.014938][ C0] ? do_syscall_64+0xb6/0x230 [ 1655.014963][ C0] do_syscall_64+0xf3/0x230 [ 1655.014987][ C0] ? clear_bhb_loop+0x35/0x90 [ 1655.015017][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1655.015043][ C0] RIP: 0033:0x7fa29c775e1f [ 1655.015063][ C0] RSP: 002b:00007ffd629eb440 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1655.015090][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa29c775e1f [ 1655.015107][ C0] RDX: 0000000000000001 RSI: 00007ffd629eb490 RDI: 0000000000000005 [ 1655.015123][ C0] RBP: 00007fa29c7e5940 R08: 0000000000000000 R09: 00007ffd629eb297 [ 1655.015144][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1655.015158][ C0] R13: 00007ffd629eb490 R14: 00007fa29d434620 R15: 0000000000000003 [ 1655.015189][ C0] [ 1655.015202][ C0] [ 1655.015202][ C0] Showing all locks held in the system: [ 1655.015216][ C0] 2 locks held by khungtaskd/30: [ 1655.015266][ C0] 3 locks held by kworker/u8:10/3981: [ 1655.056665][ T30] [ 1655.056665][ T30] Showing all locks held in the system: [ 1655.057262][ C0] #0: [ 1655.070205][ T30] 1 lock held by khungtaskd/30: [ 1655.074122][ C0] ffff88802a913148 [ 1655.134367][ T30] #0: [ 1655.139334][ C0] ( [ 1655.173092][ T30] ffffffff8e937a60 (rcu_read_lock [ 1655.177504][ C0] (wq_completion)ipv6_addrconf [ 1655.200124][ T30] ){....}-{1:2} [ 1655.201649][ C0] ){+.+.}-{0:0} [ 1655.206177][ T30] , at: debug_show_all_locks+0x55/0x2a0 [ 1655.216346][ C0] , at: process_scheduled_works+0x90a/0x1830 [ 1655.216379][ C0] #1: ffffc9000c107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1655.216450][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 1655.216524][ C0] 2 locks held by getty/4979: [ 1655.216538][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1655.216599][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3} [ 1655.247238][ T30] 3 locks held by kworker/u8:10/3981: [ 1655.251163][ C0] , at: n_tty_read+0x6b5/0x1e10 [ 1655.251197][ C0] 3 locks held by syz.4.332/6756: [ 1655.251213][ C0] 5 locks held by kworker/u8:11/8523: [ 1655.251228][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1655.251299][ C0] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1655.251364][ C0] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1655.251420][ C0] #3: [ 1655.270181][ T30] #0: [ 1655.271389][ C0] ffffffff8fc81d48 [ 1655.275921][ T30] ffff88802a913148 [ 1655.280952][ C0] (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1655.281001][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1655.330121][ T30] ( [ 1655.332276][ C0] 4 locks held by syz.2.1378/11061: [ 1655.336686][ T30] (wq_completion)ipv6_addrconf){+.+.}-{0:0} [ 1655.341685][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_ioctl+0x1161/0x2480 [ 1655.341773][ C0] #1: ffff88807b305470 (&mi->mi_sem){++++}-{3:3}, at: nilfs_sufile_trim_fs+0x4f2/0x1270 [ 1655.341837][ C0] #2: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1655.341898][ C0] #3: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1655.341961][ C0] 1 lock held by segctord/11071: [ 1655.341975][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1655.342040][ C0] 3 locks held by kworker/u8:14/12112: [ 1655.370120][ T30] , at: process_scheduled_works+0x90a/0x1830 [ 1655.371248][ C0] 3 locks held by kworker/0:1/13690: [ 1655.376379][ T30] #1: ffffc9000c107d00 [ 1655.381872][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1655.381950][ C0] #1: ffffc900034b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1655.382018][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1655.382087][ C0] 4 locks held by syz-executor/14539: [ 1655.382101][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1655.382168][ C0] #1: ffff88802d25e888 [ 1655.410492][ T30] ( [ 1655.411938][ C0] ( [ 1655.414897][ T30] (work_completion)(&(&net->ipv6.addr_chk_work)->work) [ 1655.419637][ C0] &of->mutex [ 1655.450124][ T30] ){+.+.}-{0:0} [ 1655.452329][ C0] ){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1655.452373][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1655.452438][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1655.452505][ C0] 4 locks held by syz-executor/14542: [ 1655.452519][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1655.452590][ C0] #1: ffff88807d4ac888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1655.452647][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1655.452710][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1655.452769][ C0] 4 locks held by syz-executor/14545: [ 1655.452782][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1655.452848][ C0] #1: ffff8880566a3088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1655.452906][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1655.500422][ T30] , at: process_scheduled_works+0x945/0x1830 [ 1655.504013][ C0] #3: [ 1655.508888][ T30] #2: ffffffff8fc81d48 [ 1655.514269][ C0] ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1655.514334][ C0] 7 locks held by syz-executor/14549: [ 1655.514349][ C0] #0: ffff88801ec40420 (sb_writers [ 1655.580053][ T30] ( [ 1655.580795][ C0] #8 [ 1655.610142][ T30] rtnl_mutex [ 1655.612308][ C0] ){.+.+}-{0:0} [ 1655.617727][ T30] ){+.+.}-{3:3} [ 1655.622589][ C0] , at: vfs_write+0x227/0xc90 [ 1655.622622][ C0] #1: ffff88807dc56c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1655.622685][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1655.622753][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1655.622819][ C0] #4: ffff88806a5350e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1655.622880][ C0] #5: ffff88806c1e5250 (&devlink->lock_key#97){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1655.658951][ T30] , at: addrconf_verify_work+0x19/0x30 [ 1655.664134][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1655.664207][ C0] 4 locks held by syz-executor/14551: [ 1655.664222][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1655.664297][ C0] #1: ffff88802ea9b088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1655.664358][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1655.664421][ C0] #3: ffffffff8f51eae8 ( [ 1655.690154][ T30] 2 locks held by getty/4979: [ 1655.696531][ C0] nsim_bus_dev_list_lock [ 1655.698985][ T30] #0: ffff88802fc7a0a0 [ 1655.704198][ C0] ){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1655.765863][ T30] (&tty->ldisc_sem [ 1655.765894][ C0] 1 lock held by syz-executor/14584: [ 1655.790321][ T30] ){++++}-{0:0} [ 1655.797929][ C0] #0: [ 1655.850327][ T30] , at: tty_ldisc_ref_wait+0x25/0x70 [ 1655.851743][ C0] ffffffff8fc81d48 [ 1655.855152][ T30] #1: ffffc9000312b2f0 [ 1655.862093][ C0] (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1655.862153][ C0] 1 lock held by syz-executor/14587: [ 1655.862167][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1655.862230][ C0] [ 1655.862238][ C0] ============================================= [ 1655.862238][ C0] [ 1655.943187][T13587] Bluetooth: hci0: command tx timeout [ 1655.943337][T13587] Bluetooth: hci1: command tx timeout [ 1656.224112][ T30] (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1656.232985][ T30] 4 locks held by syz.4.332/6756: [ 1656.238041][ T30] 5 locks held by kworker/u8:11/8523: [ 1656.243635][ T30] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1656.255623][ T30] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1656.266612][ T30] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1656.289828][ T30] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1656.317411][ T30] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1656.328931][ T30] 2 locks held by syz.2.1378/11061: [ 1656.350025][T11061] bio_check_eod: 64472 callbacks suppressed [ 1656.350050][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.350050][T11061] loop2: rw=3, sector=169445223710408, nr_sectors = 8388600 limit=0 [ 1656.350175][ T30] 1 lock held by segctord/11071: [ 1656.356234][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.356234][T11061] loop2: rw=3, sector=169445232099008, nr_sectors = 8388600 limit=0 [ 1656.395469][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.395469][T11061] loop2: rw=3, sector=169445240487608, nr_sectors = 8388600 limit=0 [ 1656.411406][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.411406][T11061] loop2: rw=3, sector=169445248876208, nr_sectors = 8388600 limit=0 [ 1656.420076][ T30] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1656.426780][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.426780][T11061] loop2: rw=3, sector=169445257264808, nr_sectors = 8388600 limit=0 [ 1656.452197][ T30] 3 locks held by kworker/0:1/13690: [ 1656.457514][ T30] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1656.469157][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.469157][T11061] loop2: rw=3, sector=169445265653408, nr_sectors = 8388600 limit=0 [ 1656.485555][ T30] #1: ffffc900034b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1656.498170][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.498170][T11061] loop2: rw=3, sector=169445274042008, nr_sectors = 8388600 limit=0 [ 1656.512852][ T30] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1656.523252][ T30] 4 locks held by syz-executor/14539: [ 1656.528684][ T30] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.537842][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.537842][T11061] loop2: rw=3, sector=169445282430608, nr_sectors = 8388600 limit=0 [ 1656.553498][ T30] #1: ffff88802d25e888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.563437][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.563437][T11061] loop2: rw=3, sector=169445290819208, nr_sectors = 8388600 limit=0 [ 1656.579695][ T30] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.591428][T11061] syz.2.1378: attempt to access beyond end of device [ 1656.591428][T11061] loop2: rw=3, sector=169445299207808, nr_sectors = 8388600 limit=0 [ 1656.606075][ T30] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.619489][ T30] 4 locks held by syz-executor/14542: [ 1656.640032][ T30] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.649017][ T30] #1: ffff88807d4ac888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.670380][ T30] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.700109][ T30] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.720034][ T30] 4 locks held by syz-executor/14545: [ 1656.725465][ T30] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.750073][ T30] #1: ffff8880566a3088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.759920][ T30] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.790354][ T30] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.810067][ T30] 7 locks held by syz-executor/14549: [ 1656.815490][ T30] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.840047][ T30] #1: ffff88807dc56c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.860338][ T30] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.870645][ C0] DEBUG: waiting rtnl_mutex for 903 jiffies. [ 1656.870672][ C0] task:kworker/0:1 state:D stack:23376 pid:13690 tgid:13690 ppid:2 flags:0x00004000 [ 1656.870720][ C0] Workqueue: events linkwatch_event [ 1656.870752][ C0] Call Trace: [ 1656.870764][ C0] [ 1656.870780][ C0] __schedule+0x1800/0x4a60 [ 1656.870833][ C0] ? __pfx___schedule+0x10/0x10 [ 1656.870864][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1656.870894][ C0] ? __pfx_lock_release+0x10/0x10 [ 1656.870926][ C0] ? kick_pool+0x1bd/0x620 [ 1656.870969][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1656.870999][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1656.871031][ C0] ? schedule+0x90/0x320 [ 1656.871060][ C0] schedule+0x14b/0x320 [ 1656.871093][ C0] schedule_preempt_disabled+0x13/0x30 [ 1656.871123][ C0] __mutex_lock+0x6a4/0xd70 [ 1656.871151][ C0] ? __mutex_lock+0x527/0xd70 [ 1656.871176][ C0] ? linkwatch_event+0xe/0x60 [ 1656.871202][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1656.871235][ C0] ? get_rtnl_holder+0x144/0x190 [ 1656.871262][ C0] ? process_scheduled_works+0x945/0x1830 [ 1656.871290][ C0] linkwatch_event+0xe/0x60 [ 1656.871313][ C0] process_scheduled_works+0xa2c/0x1830 [ 1656.871373][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1656.871412][ C0] ? assign_work+0x364/0x3d0 [ 1656.871446][ C0] worker_thread+0x86d/0xd40 [ 1656.871486][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1656.871521][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1656.871555][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1656.871584][ C0] kthread+0x2f0/0x390 [ 1656.871606][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1656.871635][ C0] ? __pfx_kthread+0x10/0x10 [ 1656.871657][ C0] ret_from_fork+0x4b/0x80 [ 1656.871688][ C0] ? __pfx_kthread+0x10/0x10 [ 1656.871709][ C0] ret_from_fork_asm+0x1a/0x30 [ 1656.871754][ C0] [ 1656.871765][ C0] DEBUG: waiting rtnl_mutex for 833 jiffies. [ 1656.871778][ C0] task:syz-executor state:D stack:24992 pid:14584 tgid:14584 ppid:1 flags:0x00000004 [ 1656.871819][ C0] Call Trace: [ 1656.871828][ C0] [ 1656.871843][ C0] __schedule+0x1800/0x4a60 [ 1656.871897][ C0] ? __pfx___schedule+0x10/0x10 [ 1656.871931][ C0] ? __pfx_lock_release+0x10/0x10 [ 1656.871967][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1656.872004][ C0] ? schedule+0x90/0x320 [ 1656.872033][ C0] schedule+0x14b/0x320 [ 1656.872066][ C0] schedule_preempt_disabled+0x13/0x30 [ 1656.872096][ C0] __mutex_lock+0x6a4/0xd70 [ 1656.872123][ C0] ? __mutex_lock+0x527/0xd70 [ 1656.872148][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1656.872182][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1656.872219][ C0] ? get_rtnl_holder+0x144/0x190 [ 1656.872247][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1656.872278][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1656.872311][ C0] ? __lock_acquire+0x1384/0x2050 [ 1656.872343][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1656.872393][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1656.872418][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1656.872453][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1656.872502][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1656.872528][ C0] netlink_unicast+0x7f6/0x990 [ 1656.872569][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1656.872602][ C0] ? __virt_addr_valid+0x183/0x530 [ 1656.872629][ C0] ? __check_object_size+0x49c/0x900 [ 1656.872655][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1656.872690][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1656.872727][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1656.872754][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1656.872785][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1656.872805][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1656.872832][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1656.872855][ C0] __sock_sendmsg+0x221/0x270 [ 1656.872891][ C0] __sys_sendto+0x3a4/0x4f0 [ 1656.872924][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1656.872982][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1656.873016][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1656.873048][ C0] ? exc_page_fault+0x590/0x8c0 [ 1656.873082][ C0] __x64_sys_sendto+0xde/0x100 [ 1656.873112][ C0] do_syscall_64+0xf3/0x230 [ 1656.873135][ C0] ? clear_bhb_loop+0x35/0x90 [ 1656.873165][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1656.873192][ C0] RIP: 0033:0x7fb00bd7902c [ 1656.873213][ C0] RSP: 002b:00007ffef6cc0c80 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1656.873238][ C0] RAX: ffffffffffffffda RBX: 00007fb00ca34620 RCX: 00007fb00bd7902c [ 1656.873257][ C0] RDX: 0000000000000028 RSI: 00007fb00ca34670 RDI: 0000000000000003 [ 1656.873274][ C0] RBP: 0000000000000000 R08: 00007ffef6cc0cd4 R09: 000000000000000c [ 1656.873290][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1656.873306][ C0] R13: 0000000000000000 R14: 00007fb00ca34670 R15: 0000000000000000 [ 1656.873341][ C0] [ 1656.873351][ C0] DEBUG: holding rtnl_mutex for 985 jiffies. [ 1656.873365][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1656.873404][ C0] Workqueue: netns cleanup_net [ 1656.873429][ C0] Call Trace: [ 1656.873439][ C0] [ 1656.873454][ C0] __schedule+0x1800/0x4a60 [ 1656.873508][ C0] ? __pfx___schedule+0x10/0x10 [ 1656.873543][ C0] ? __pfx_lock_release+0x10/0x10 [ 1656.873571][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1656.873608][ C0] ? kthread_data+0x52/0xd0 [ 1656.873640][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1656.873673][ C0] ? schedule+0x90/0x320 [ 1656.873701][ C0] schedule+0x14b/0x320 [ 1656.873733][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1656.873763][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1656.873805][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1656.873830][ C0] ? __pfx___might_resched+0x10/0x10 [ 1656.873857][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1656.873887][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1656.873918][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1656.873974][ C0] synchronize_rcu+0x11b/0x360 [ 1656.873998][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1656.874026][ C0] ? __phys_addr+0x105/0x170 [ 1656.874056][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1656.874092][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1656.874128][ C0] ? rcu_is_watching+0x15/0xb0 [ 1656.874151][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1656.874181][ C0] __qdisc_destroy+0x165/0x410 [ 1656.874209][ C0] dev_shutdown+0x9b/0x450 [ 1656.874239][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1656.874286][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1656.874322][ C0] ? batadv_hash_remove+0x504/0x680 [ 1656.874366][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1656.874402][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1656.874438][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1656.874473][ C0] ? __pfx___might_resched+0x10/0x10 [ 1656.874502][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1656.874535][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1656.874564][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1656.874590][ C0] cleanup_net+0x89d/0xcc0 [ 1656.874622][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1656.874660][ C0] ? process_scheduled_works+0x945/0x1830 [ 1656.874688][ C0] process_scheduled_works+0xa2c/0x1830 [ 1656.874747][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1656.874786][ C0] ? assign_work+0x364/0x3d0 [ 1656.874821][ C0] worker_thread+0x86d/0xd40 [ 1656.874867][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1656.874901][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1656.874931][ C0] kthread+0x2f0/0x390 [ 1656.874957][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1656.874985][ C0] ? __pfx_kthread+0x10/0x10 [ 1656.875008][ C0] ret_from_fork+0x4b/0x80 [ 1656.875038][ C0] ? __pfx_kthread+0x10/0x10 [ 1656.875059][ C0] ret_from_fork_asm+0x1a/0x30 [ 1656.875105][ C0] [ 1656.875115][ C0] DEBUG: waiting rtnl_mutex for 980 jiffies. [ 1656.875129][ C0] task:syz-executor state:D stack:20496 pid:14549 tgid:14549 ppid:1 flags:0x00004006 [ 1656.875167][ C0] Call Trace: [ 1656.875176][ C0] [ 1656.875191][ C0] __schedule+0x1800/0x4a60 [ 1656.875245][ C0] ? __pfx___schedule+0x10/0x10 [ 1656.875280][ C0] ? __pfx_lock_release+0x10/0x10 [ 1656.875309][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1656.875346][ C0] ? schedule+0x90/0x320 [ 1656.875375][ C0] schedule+0x14b/0x320 [ 1656.875408][ C0] schedule_preempt_disabled+0x13/0x30 [ 1656.875438][ C0] __mutex_lock+0x6a4/0xd70 [ 1656.875460][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1656.875490][ C0] ? __mutex_lock+0x527/0xd70 [ 1656.875515][ C0] ? nsim_destroy+0x71/0x5c0 [ 1656.875547][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1656.875574][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1656.875608][ C0] ? get_rtnl_holder+0x144/0x190 [ 1656.875637][ C0] nsim_destroy+0x71/0x5c0 [ 1656.875691][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1656.875718][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1656.875747][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1656.875774][ C0] nsim_drv_remove+0x58/0x160 [ 1656.875800][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1656.875839][ C0] bus_remove_device+0x34f/0x420 [ 1656.875881][ C0] device_del+0x57a/0x9b0 [ 1656.875916][ C0] ? __pfx_device_del+0x10/0x10 [ 1656.875957][ C0] device_unregister+0x20/0xc0 [ 1656.875982][ C0] del_device_store+0x363/0x480 [ 1656.876016][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1656.876047][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1656.876071][ C0] ? bus_attr_store+0x4f/0xa0 [ 1656.876093][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1656.876117][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1656.876148][ C0] vfs_write+0xa72/0xc90 [ 1656.876184][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1656.876211][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1656.876266][ C0] ksys_write+0x1a0/0x2c0 [ 1656.876303][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1656.876335][ C0] ? do_syscall_64+0x100/0x230 [ 1656.876361][ C0] ? do_syscall_64+0xb6/0x230 [ 1656.876387][ C0] do_syscall_64+0xf3/0x230 [ 1656.876410][ C0] ? clear_bhb_loop+0x35/0x90 [ 1656.876439][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1656.876464][ C0] RIP: 0033:0x7fa29c775e1f [ 1656.876484][ C0] RSP: 002b:00007ffd629eb440 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1656.876509][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa29c775e1f [ 1656.876527][ C0] RDX: 0000000000000001 RSI: 00007ffd629eb490 RDI: 0000000000000005 [ 1656.876543][ C0] RBP: 00007fa29c7e5940 R08: 0000000000000000 R09: 00007ffd629eb297 [ 1656.876561][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1656.876577][ C0] R13: 00007ffd629eb490 R14: 00007fa29d434620 R15: 0000000000000003 [ 1656.876611][ C0] [ 1656.876624][ C0] [ 1656.876624][ C0] Showing all locks held in the system: [ 1656.876639][ C0] 5 locks held by khungtaskd/30: [ 1656.876654][ C0] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1656.876725][ C0] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 1656.876793][ C0] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 1656.876856][ C0] #3: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1656.876919][ C0] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1656.877027][ C0] 3 locks held by kworker/u8:10/3981: [ 1656.877041][ C0] #0: ffff88802a913148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1656.877109][ C0] #1: ffffc9000c107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1656.877193][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 1656.877264][ C0] 2 locks held by getty/4979: [ 1656.877279][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1656.877346][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1656.877439][ C0] 3 locks held by syz.4.332/6756: [ 1656.877454][ C0] 5 locks held by kworker/u8:11/8523: [ 1656.877469][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1656.877535][ C0] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1656.877600][ C0] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1656.877662][ C0] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1656.877721][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1656.877787][ C0] 2 locks held by syz.2.1378/11061: [ 1656.877802][ C0] 1 lock held by segctord/11071: [ 1656.877817][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1656.877888][ C0] 2 locks held by kworker/u8:6/13220: [ 1656.877903][ C0] 3 locks held by kworker/0:1/13690: [ 1656.877917][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1656.877988][ C0] #1: ffffc900034b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1656.878054][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1656.878119][ C0] 4 locks held by syz-executor/14539: [ 1656.878133][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.878206][ C0] #1: ffff88802d25e888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.878267][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.878333][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.878400][ C0] 4 locks held by syz-executor/14542: [ 1656.878415][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.878488][ C0] #1: ffff88807d4ac888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.878549][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.878616][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.878683][ C0] 4 locks held by syz-executor/14545: [ 1656.878697][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.878770][ C0] #1: ffff8880566a3088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.878830][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.878897][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1656.878967][ C0] 7 locks held by syz-executor/14549: [ 1656.878981][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.879053][ C0] #1: ffff88807dc56c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.879113][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.879180][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1656.879245][ C0] #4: ffff88806a5350e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1656.879312][ C0] #5: ffff88806c1e5250 (&devlink->lock_key#97){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1656.879378][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1656.879445][ C0] 4 locks held by syz-executor/14551: [ 1656.879460][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1656.879533][ C0] #1: ffff88802ea9b088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1656.879593][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1656.879660][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1656.879731][ C0] 1 lock held by syz-executor/14584: [ 1656.879745][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1656.879814][ C0] 1 lock held by syz-executor/14587: [ 1656.879829][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1656.879898][ C0] [ 1656.879906][ C0] ============================================= [ 1656.879906][ C0] [ 1657.917686][ C0] DEBUG: waiting rtnl_mutex for 1007 jiffies. [ 1657.917720][ C0] task:kworker/0:1 state:D stack:23376 pid:13690 tgid:13690 ppid:2 flags:0x00004000 [ 1657.917768][ C0] Workqueue: events linkwatch_event [ 1657.917801][ C0] Call Trace: [ 1657.917812][ C0] [ 1657.917829][ C0] __schedule+0x1800/0x4a60 [ 1657.917885][ C0] ? __pfx___schedule+0x10/0x10 [ 1657.917917][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1657.917949][ C0] ? __pfx_lock_release+0x10/0x10 [ 1657.917981][ C0] ? kick_pool+0x1bd/0x620 [ 1657.918016][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1657.918046][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1657.918079][ C0] ? schedule+0x90/0x320 [ 1657.918108][ C0] schedule+0x14b/0x320 [ 1657.918142][ C0] schedule_preempt_disabled+0x13/0x30 [ 1657.918182][ C0] __mutex_lock+0x6a4/0xd70 [ 1657.918211][ C0] ? __mutex_lock+0x527/0xd70 [ 1657.918237][ C0] ? linkwatch_event+0xe/0x60 [ 1657.918263][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1657.918297][ C0] ? get_rtnl_holder+0x144/0x190 [ 1657.918323][ C0] ? process_scheduled_works+0x945/0x1830 [ 1657.918352][ C0] linkwatch_event+0xe/0x60 [ 1657.918375][ C0] process_scheduled_works+0xa2c/0x1830 [ 1657.918434][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1657.918474][ C0] ? assign_work+0x364/0x3d0 [ 1657.918509][ C0] worker_thread+0x86d/0xd40 [ 1657.918547][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1657.918582][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1657.918622][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1657.918652][ C0] kthread+0x2f0/0x390 [ 1657.918673][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1657.918702][ C0] ? __pfx_kthread+0x10/0x10 [ 1657.918725][ C0] ret_from_fork+0x4b/0x80 [ 1657.918756][ C0] ? __pfx_kthread+0x10/0x10 [ 1657.918778][ C0] ret_from_fork_asm+0x1a/0x30 [ 1657.918826][ C0] [ 1657.918836][ C0] DEBUG: waiting rtnl_mutex for 937 jiffies. [ 1657.918848][ C0] task:syz-executor state:D stack:24992 pid:14584 tgid:14584 ppid:1 flags:0x00000004 [ 1657.918888][ C0] Call Trace: [ 1657.918898][ C0] [ 1657.918913][ C0] __schedule+0x1800/0x4a60 [ 1657.918966][ C0] ? __pfx___schedule+0x10/0x10 [ 1657.919001][ C0] ? __pfx_lock_release+0x10/0x10 [ 1657.919033][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1657.919069][ C0] ? schedule+0x90/0x320 [ 1657.919099][ C0] schedule+0x14b/0x320 [ 1657.919131][ C0] schedule_preempt_disabled+0x13/0x30 [ 1657.919161][ C0] __mutex_lock+0x6a4/0xd70 [ 1657.919189][ C0] ? __mutex_lock+0x527/0xd70 [ 1657.919214][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1657.919248][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1657.919283][ C0] ? get_rtnl_holder+0x144/0x190 [ 1657.919317][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1657.919347][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1657.919380][ C0] ? __lock_acquire+0x1384/0x2050 [ 1657.919412][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1657.919462][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1657.919488][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1657.919522][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1657.919571][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1657.919604][ C0] netlink_unicast+0x7f6/0x990 [ 1657.919645][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1657.919674][ C0] ? __virt_addr_valid+0x183/0x530 [ 1657.919702][ C0] ? __check_object_size+0x49c/0x900 [ 1657.919728][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1657.919763][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1657.919801][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1657.919828][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1657.919858][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1657.919879][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1657.919907][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1657.919928][ C0] __sock_sendmsg+0x221/0x270 [ 1657.920019][ C0] __sys_sendto+0x3a4/0x4f0 [ 1657.920049][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1657.920094][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1657.920123][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1657.920151][ C0] ? exc_page_fault+0x590/0x8c0 [ 1657.920183][ C0] __x64_sys_sendto+0xde/0x100 [ 1657.920216][ C0] do_syscall_64+0xf3/0x230 [ 1657.920240][ C0] ? clear_bhb_loop+0x35/0x90 [ 1657.920271][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1657.920298][ C0] RIP: 0033:0x7fb00bd7902c [ 1657.920321][ C0] RSP: 002b:00007ffef6cc0c80 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1657.920348][ C0] RAX: ffffffffffffffda RBX: 00007fb00ca34620 RCX: 00007fb00bd7902c [ 1657.920364][ C0] RDX: 0000000000000028 RSI: 00007fb00ca34670 RDI: 0000000000000003 [ 1657.920376][ C0] RBP: 0000000000000000 R08: 00007ffef6cc0cd4 R09: 000000000000000c [ 1657.920388][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1657.920400][ C0] R13: 0000000000000000 R14: 00007fb00ca34670 R15: 0000000000000000 [ 1657.920429][ C0] [ 1657.920440][ C0] DEBUG: holding rtnl_mutex for 1090 jiffies. [ 1657.920452][ C0] task:kworker/u8:11 state:D stack:18640 pid:8523 tgid:8523 ppid:2 flags:0x00004000 [ 1657.920489][ C0] Workqueue: netns cleanup_net [ 1657.920516][ C0] Call Trace: [ 1657.920526][ C0] [ 1657.920541][ C0] __schedule+0x1800/0x4a60 [ 1657.920603][ C0] ? __pfx___schedule+0x10/0x10 [ 1657.920638][ C0] ? __pfx_lock_release+0x10/0x10 [ 1657.920665][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1657.920701][ C0] ? kthread_data+0x52/0xd0 [ 1657.920732][ C0] ? wq_worker_sleeping+0x66/0x240 [ 1657.920764][ C0] ? schedule+0x90/0x320 [ 1657.920792][ C0] schedule+0x14b/0x320 [ 1657.920825][ C0] synchronize_rcu_expedited+0x684/0x830 [ 1657.920853][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 1657.920893][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 1657.920915][ C0] ? __pfx___might_resched+0x10/0x10 [ 1657.920940][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1657.920967][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1657.920992][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1657.921029][ C0] synchronize_rcu+0x11b/0x360 [ 1657.921053][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 1657.921075][ C0] ? __phys_addr+0x105/0x170 [ 1657.921101][ C0] lockdep_unregister_key+0x4b7/0x540 [ 1657.921134][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 1657.921166][ C0] ? rcu_is_watching+0x15/0xb0 [ 1657.921185][ C0] ? qdisc_reset+0x3bf/0x5b0 [ 1657.921213][ C0] __qdisc_destroy+0x165/0x410 [ 1657.921241][ C0] dev_shutdown+0x9b/0x450 [ 1657.921269][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 1657.921309][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 1657.921344][ C0] ? batadv_hash_remove+0x504/0x680 [ 1657.921387][ C0] ? unregister_netdevice_queue+0x26b/0x370 [ 1657.921423][ C0] ? batadv_softif_destroy_netlink+0x1e3/0x270 [ 1657.921458][ C0] default_device_exit_batch+0xa0f/0xa90 [ 1657.921491][ C0] ? __pfx___might_resched+0x10/0x10 [ 1657.921519][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1657.921552][ C0] ? cfg802154_pernet_exit+0xc3/0xe0 [ 1657.921581][ C0] ? __pfx_default_device_exit_batch+0x10/0x10 [ 1657.921616][ C0] cleanup_net+0x89d/0xcc0 [ 1657.921648][ C0] ? __pfx_cleanup_net+0x10/0x10 [ 1657.921682][ C0] ? process_scheduled_works+0x945/0x1830 [ 1657.921711][ C0] process_scheduled_works+0xa2c/0x1830 [ 1657.921768][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1657.921806][ C0] ? assign_work+0x364/0x3d0 [ 1657.921838][ C0] worker_thread+0x86d/0xd40 [ 1657.921878][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1657.921911][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1657.921940][ C0] kthread+0x2f0/0x390 [ 1657.921962][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1657.921990][ C0] ? __pfx_kthread+0x10/0x10 [ 1657.922013][ C0] ret_from_fork+0x4b/0x80 [ 1657.922043][ C0] ? __pfx_kthread+0x10/0x10 [ 1657.922065][ C0] ret_from_fork_asm+0x1a/0x30 [ 1657.922107][ C0] [ 1657.922118][ C0] DEBUG: waiting rtnl_mutex for 1085 jiffies. [ 1657.922133][ C0] task:syz-executor state:D stack:20496 pid:14549 tgid:14549 ppid:1 flags:0x00004006 [ 1657.922176][ C0] Call Trace: [ 1657.922187][ C0] [ 1657.922202][ C0] __schedule+0x1800/0x4a60 [ 1657.922257][ C0] ? __pfx___schedule+0x10/0x10 [ 1657.922290][ C0] ? __pfx_lock_release+0x10/0x10 [ 1657.922322][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1657.922358][ C0] ? schedule+0x90/0x320 [ 1657.922386][ C0] schedule+0x14b/0x320 [ 1657.922418][ C0] schedule_preempt_disabled+0x13/0x30 [ 1657.922448][ C0] __mutex_lock+0x6a4/0xd70 [ 1657.922470][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1657.922499][ C0] ? __mutex_lock+0x527/0xd70 [ 1657.922523][ C0] ? nsim_destroy+0x71/0x5c0 [ 1657.922554][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1657.922580][ C0] ? __pfx_mntput_no_expire+0x10/0x10 [ 1657.922623][ C0] ? get_rtnl_holder+0x144/0x190 [ 1657.922650][ C0] nsim_destroy+0x71/0x5c0 [ 1657.922686][ C0] __nsim_dev_port_del+0x14b/0x1b0 [ 1657.922713][ C0] nsim_dev_reload_destroy+0x28a/0x490 [ 1657.922741][ C0] ? __pfx_nsim_bus_remove+0x10/0x10 [ 1657.922769][ C0] nsim_drv_remove+0x58/0x160 [ 1657.922794][ C0] device_release_driver_internal+0x4a9/0x7c0 [ 1657.922833][ C0] bus_remove_device+0x34f/0x420 [ 1657.922867][ C0] device_del+0x57a/0x9b0 [ 1657.922897][ C0] ? __pfx_device_del+0x10/0x10 [ 1657.922926][ C0] device_unregister+0x20/0xc0 [ 1657.922950][ C0] del_device_store+0x363/0x480 [ 1657.922983][ C0] ? __pfx_del_device_store+0x10/0x10 [ 1657.923016][ C0] ? sysfs_kf_write+0x182/0x2a0 [ 1657.923041][ C0] ? bus_attr_store+0x4f/0xa0 [ 1657.923066][ C0] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1657.923090][ C0] kernfs_fop_write_iter+0x3a1/0x500 [ 1657.923122][ C0] vfs_write+0xa72/0xc90 [ 1657.923157][ C0] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1657.923184][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1657.923234][ C0] ksys_write+0x1a0/0x2c0 [ 1657.923270][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1657.923301][ C0] ? do_syscall_64+0x100/0x230 [ 1657.923327][ C0] ? do_syscall_64+0xb6/0x230 [ 1657.923352][ C0] do_syscall_64+0xf3/0x230 [ 1657.923374][ C0] ? clear_bhb_loop+0x35/0x90 [ 1657.923403][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1657.923428][ C0] RIP: 0033:0x7fa29c775e1f [ 1657.923448][ C0] RSP: 002b:00007ffd629eb440 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1657.923474][ C0] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa29c775e1f [ 1657.923493][ C0] RDX: 0000000000000001 RSI: 00007ffd629eb490 RDI: 0000000000000005 [ 1657.923508][ C0] RBP: 00007fa29c7e5940 R08: 0000000000000000 R09: 00007ffd629eb297 [ 1657.923525][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1657.923540][ C0] R13: 00007ffd629eb490 R14: 00007fa29d434620 R15: 0000000000000003 [ 1657.923574][ C0] [ 1657.923595][ C0] [ 1657.923595][ C0] Showing all locks held in the system: [ 1657.923611][ C0] 5 locks held by khungtaskd/30: [ 1657.923626][ C0] #0: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1657.923695][ C0] #1: ffffffff8e813280 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 1657.923760][ C0] #2: ffffffff8e812e90 (console_srcu){....}-{0:0}, at: console_flush_all+0x147/0xf50 [ 1657.923824][ C0] #3: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 1657.923882][ C0] #4: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 1657.923984][ C0] 3 locks held by kworker/u8:10/3981: [ 1657.923998][ C0] #0: ffff88802a913148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1657.924061][ C0] #1: ffffc9000c107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1657.924126][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 1657.924194][ C0] 1 lock held by syslogd/4663: [ 1657.924209][ C0] 2 locks held by getty/4979: [ 1657.924223][ C0] #0: ffff88802fc7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1657.924296][ C0] #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 1657.924365][ C0] 3 locks held by syz.4.332/6756: [ 1657.924382][ C0] 5 locks held by kworker/u8:11/8523: [ 1657.924398][ C0] #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1657.924471][ C0] #1: ffffc90004a7fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1657.924543][ C0] #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 1657.924616][ C0] #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 1657.924676][ C0] #4: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 1657.924739][ C0] 2 locks held by syz.2.1378/11061: [ 1657.924755][ C0] 1 lock held by segctord/11071: [ 1657.924769][ C0] #0: ffff8880258b32a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x25d/0x4f0 [ 1657.924839][ C0] 2 locks held by kworker/u8:6/13220: [ 1657.924854][ C0] 3 locks held by kworker/0:1/13690: [ 1657.924868][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 1657.924934][ C0] #1: ffffc900034b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 1657.924998][ C0] #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 1657.925061][ C0] 4 locks held by syz-executor/14539: [ 1657.925076][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1657.925148][ C0] #1: ffff88802d25e888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1657.925209][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1657.925275][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1657.925352][ C0] 4 locks held by syz-executor/14542: [ 1657.925366][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1657.925438][ C0] #1: ffff88807d4ac888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1657.925497][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1657.925561][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1657.925640][ C0] 4 locks held by syz-executor/14545: [ 1657.925655][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1657.925726][ C0] #1: ffff8880566a3088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1657.925783][ C0] #2: ffff888023a1ee18 (kn->active#51){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1657.925939][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 1657.926032][ C0] 7 locks held by syz-executor/14549: [ 1657.926050][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1657.926138][ C0] #1: ffff88807dc56c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1657.926205][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1657.926272][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1657.926334][ C0] #4: ffff88806a5350e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1657.926394][ C0] #5: ffff88806c1e5250 (&devlink->lock_key#97){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 1657.926455][ C0] #6: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 1657.926521][ C0] 4 locks held by syz-executor/14551: [ 1657.926537][ C0] #0: ffff88801ec40420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 1657.926636][ C0] #1: ffff88802ea9b088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 1657.926696][ C0] #2: ffff888023a1ef08 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 1657.926763][ C0] #3: ffffffff8f51eae8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 1657.926836][ C0] 1 lock held by syz-executor/14584: [ 1657.926851][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1657.926922][ C0] 1 lock held by syz-executor/14587: [ 1657.926936][ C0] #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1657.926999][ C0] [ 1657.927007][ C0] ============================================= [ 1657.927007][ C0] [ 1658.050367][T13586] Bluetooth: hci1: command tx timeout [ 1658.066161][T13587] Bluetooth: hci0: command tx timeout [ 1658.200397][ T30] #3: [ 1658.960026][ C0] DEBUG: waiting rtnl_mutex for 1111 jiffies. [ 1658.965704][ T30] ffffffff8f51eae8 [ 1658.968058][ C0] task:kworker/0:1 state:D [ 1658.974193][ T30] ( [ 1658.984348][ C0] stack:23376 pid:13690 tgid:13690 ppid:2 flags:0x00004000 [ 1658.984378][ C0] Workqueue: events linkwatch_event [ 1658.984408][ C0] Call Trace: [ 1658.984417][ C0] [ 1658.984431][ C0] __schedule+0x1800/0x4a60 [ 1658.984477][ C0] ? __pfx___schedule+0x10/0x10 [ 1658.991167][ T30] nsim_bus_dev_list_lock [ 1658.992562][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1658.995425][ T30] ){+.+.}-{3:3} [ 1658.999921][ C0] ? __pfx_lock_release+0x10/0x10 [ 1659.005476][ T30] , at: del_device_store+0xfc/0x480 [ 1659.009750][ C0] ? kick_pool+0x1bd/0x620 [ 1659.016117][ T30] #4: [ 1659.020202][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1659.020237][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1659.025563][ T30] ffff88806a5350e8 [ 1659.029559][ C0] ? schedule+0x90/0x320 [ 1659.034437][ T30] ( [ 1659.039348][ C0] schedule+0x14b/0x320 [ 1659.039390][ C0] schedule_preempt_disabled+0x13/0x30 [ 1659.039418][ C0] __mutex_lock+0x6a4/0xd70 [ 1659.039447][ C0] ? __mutex_lock+0x527/0xd70 [ 1659.039471][ C0] ? linkwatch_event+0xe/0x60 [ 1659.039497][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1659.039529][ C0] ? get_rtnl_holder+0x144/0x190 [ 1659.039555][ C0] ? process_scheduled_works+0x945/0x1830 [ 1659.039584][ C0] linkwatch_event+0xe/0x60 [ 1659.039606][ C0] process_scheduled_works+0xa2c/0x1830 [ 1659.039661][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 1659.039698][ C0] ? assign_work+0x364/0x3d0 [ 1659.039730][ C0] worker_thread+0x86d/0xd40 [ 1659.039767][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1659.039796][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1659.039833][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1659.039863][ C0] kthread+0x2f0/0x390 [ 1659.039886][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1659.039916][ C0] ? __pfx_kthread+0x10/0x10 [ 1659.039938][ C0] ret_from_fork+0x4b/0x80 [ 1659.040006][ C0] ? __pfx_kthread+0x10/0x10 [ 1659.040026][ C0] ret_from_fork_asm+0x1a/0x30 [ 1659.040065][ C0] [ 1659.040076][ C0] DEBUG: waiting rtnl_mutex for 1050 jiffies. [ 1659.040089][ C0] task:syz-executor state:D [ 1659.070163][ T30] &dev->mutex [ 1659.075280][ C0] stack:24992 pid:14584 tgid:14584 ppid:1 flags:0x00000004 [ 1659.090136][ T30] ){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 1659.090188][ T30] #5: ffff88806c1e5250 (&devlink->lock_key#97 [ 1659.095629][ C0] Call Trace: [ 1659.110964][ T30] ){+.+.}-{3:3} [ 1659.111089][ C0] [ 1659.115789][ T30] , at: nsim_drv_remove+0x50/0x160 [ 1659.120247][ C0] __schedule+0x1800/0x4a60 [ 1659.120303][ C0] ? __pfx___schedule+0x10/0x10 [ 1659.130867][ T30] #6: [ 1659.133412][ C0] ? __pfx_lock_release+0x10/0x10 [ 1659.150504][ T30] ffffffff8fc81d48 [ 1659.150649][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1659.156221][ T30] (rtnl_mutex [ 1659.161552][ C0] ? schedule+0x90/0x320 [ 1659.161585][ C0] schedule+0x14b/0x320 [ 1659.182162][ T30] ){+.+.}-{3:3} [ 1659.183666][ C0] schedule_preempt_disabled+0x13/0x30 [ 1659.188592][ T30] , at: nsim_destroy+0x71/0x5c0 [ 1659.194367][ C0] __mutex_lock+0x6a4/0xd70 [ 1659.194412][ C0] ? __mutex_lock+0x527/0xd70 [ 1659.194433][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1659.194472][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1659.220131][ T30] 4 locks held by syz-executor/14551: [ 1659.220316][ C0] ? get_rtnl_holder+0x144/0x190 [ 1659.225371][ T30] #0: ffff88801ec40420 [ 1659.229524][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1659.250065][ T30] ( [ 1659.254427][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1659.257399][ T30] sb_writers#8 [ 1659.263531][ C0] ? __lock_acquire+0x1384/0x2050 [ 1659.263566][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1659.263610][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1659.300081][ T30] ){.+.+}-{0:0} [ 1659.300210][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1659.304407][ T30] , at: vfs_write+0x227/0xc90 [ 1659.308559][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1659.330123][ T30] #1: [ 1659.333283][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1659.338227][ T30] ffff88802ea9b088 [ 1659.343633][ C0] netlink_unicast+0x7f6/0x990 [ 1659.343674][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1659.343701][ C0] ? __virt_addr_valid+0x183/0x530 [ 1659.343725][ C0] ? __check_object_size+0x49c/0x900 [ 1659.343750][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1659.343781][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1659.343818][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1659.343842][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1659.343873][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1659.343894][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1659.343921][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1659.343943][ C0] __sock_sendmsg+0x221/0x270 [ 1659.343978][ C0] __sys_sendto+0x3a4/0x4f0 [ 1659.360653][ T30] ( [ 1659.364500][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1659.369734][ T30] &of->mutex [ 1659.374484][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1659.374522][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1659.410072][ T30] ){+.+.}-{3:3} [ 1659.414963][ C0] ? exc_page_fault+0x590/0x8c0 [ 1659.419635][ T30] , at: kernfs_fop_write_iter+0x1eb/0x500 [ 1659.424920][ C0] __x64_sys_sendto+0xde/0x100 [ 1659.424954][ C0] do_syscall_64+0xf3/0x230 [ 1659.424975][ C0] ? clear_bhb_loop+0x35/0x90 [ 1659.425001][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1659.425026][ C0] RIP: 0033:0x7fb00bd7902c [ 1659.450096][ T30] #2: [ 1659.450382][ C0] RSP: 002b:00007ffef6cc0c80 EFLAGS: 00000293 [ 1659.455179][ T30] ffff888023a1ef08 [ 1659.459922][ C0] ORIG_RAX: 000000000000002c [ 1659.480069][ T30] ( [ 1659.484390][ C0] RAX: ffffffffffffffda RBX: 00007fb00ca34620 RCX: 00007fb00bd7902c [ 1659.510212][ T30] kn->active [ 1659.516959][ C0] RDX: 0000000000000028 RSI: 00007fb00ca34670 RDI: 0000000000000003 [ 1659.540061][ T30] #50 [ 1659.543893][ C0] RBP: 0000000000000000 R08: 00007ffef6cc0cd4 R09: 000000000000000c [ 1659.560334][ T30] ){.+.+}-{0:0} [ 1659.568605][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1659.600074][ T30] , at: kernfs_fop_write_iter+0x20f/0x500 [ 1659.603651][ C0] R13: 0000000000000000 R14: 00007fb00ca34670 R15: 0000000000000000 [ 1659.630145][ T30] #3: [ 1659.638461][ C0] [ 1659.660056][ T30] ffffffff8f51eae8 [ 1659.667753][ C0] DEBUG: waiting rtnl_mutex for 614 jiffies. [ 1659.690102][ T30] ( [ 1659.699791][ C0] task:syz-executor state:D [ 1659.720487][ T30] nsim_bus_dev_list_lock [ 1659.730200][ C0] stack:24992 pid:14587 tgid:14587 ppid:1 flags:0x00000004 [ 1659.730230][ C0] Call Trace: [ 1659.730240][ C0] [ 1659.730254][ C0] __schedule+0x1800/0x4a60 [ 1659.730308][ C0] ? __pfx___schedule+0x10/0x10 [ 1659.750032][ T30] ){+.+.}-{3:3} [ 1659.751335][ C0] ? __pfx_lock_release+0x10/0x10 [ 1659.761990][ T30] , at: del_device_store+0xfc/0x480 [ 1659.772952][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 1659.772995][ C0] ? schedule+0x90/0x320 [ 1659.810124][ T30] 1 lock held by syz-executor/14584: [ 1659.817174][ C0] schedule+0x14b/0x320 [ 1659.850162][ T30] #0: [ 1659.851872][ C0] schedule_preempt_disabled+0x13/0x30 [ 1659.870140][ T30] ffffffff8fc81d48 [ 1659.871589][ C0] __mutex_lock+0x6a4/0xd70 [ 1659.900058][ T30] ( [ 1659.905905][ C0] ? __mutex_lock+0x527/0xd70 [ 1659.930502][ T30] rtnl_mutex [ 1659.931648][ C0] ? rtnetlink_rcv_msg+0x6eb/0xd00 [ 1659.950545][ T30] ){+.+.}-{3:3} [ 1659.960463][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1659.960517][ C0] ? get_rtnl_holder+0x144/0x190 [ 1659.960544][ C0] rtnetlink_rcv_msg+0x6eb/0xd00 [ 1659.960571][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 1659.960600][ C0] ? __lock_acquire+0x1384/0x2050 [ 1659.960629][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1659.960676][ C0] netlink_rcv_skb+0x1e3/0x430 [ 1659.960705][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1659.960738][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1659.960786][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 1659.960812][ C0] netlink_unicast+0x7f6/0x990 [ 1659.960853][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 1659.960880][ C0] ? __virt_addr_valid+0x183/0x530 [ 1660.000063][ T30] , at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1660.000691][ C0] ? __check_object_size+0x49c/0x900 [ 1660.006176][ T30] 1 lock held by syz-executor/14587: [ 1660.015100][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 1660.015149][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 1660.015184][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1660.050047][ T30] #0: [ 1660.050939][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 1660.070064][ T30] ffffffff8fc81d48 [ 1660.075378][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1660.077661][ T30] (rtnl_mutex [ 1660.086095][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 1660.086123][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1660.086144][ C0] __sock_sendmsg+0x221/0x270 [ 1660.086177][ C0] __sys_sendto+0x3a4/0x4f0 [ 1660.086207][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 1660.120059][ T30] ){+.+.}-{3:3} [ 1660.124597][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1660.129694][ T30] , at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 1660.133014][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1660.133045][ C0] ? exc_page_fault+0x590/0x8c0 [ 1660.133075][ C0] __x64_sys_sendto+0xde/0x100 [ 1660.164775][ T30] [ 1660.169335][ C0] do_syscall_64+0xf3/0x230 [ 1660.180147][ T30] ============================================= [ 1660.180147][ T30] [ 1660.181763][ C0] ? clear_bhb_loop+0x35/0x90 [ 1660.186910][ T30] NMI backtrace for cpu 1 [ 1660.190650][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1660.194838][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc1-next-20240729-syzkaller #0 [ 1660.197337][ C0] RIP: 0033:0x7fb93bd7902c [ 1660.201477][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1660.201492][ T30] Call Trace: [ 1660.201501][ T30] [ 1660.201510][ T30] dump_stack_lvl+0x241/0x360 [ 1660.201537][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1660.206974][ C0] RSP: 002b:00007fff1d89f590 EFLAGS: 00000293 [ 1660.211453][ T30] ? __pfx__printk+0x10/0x10 [ 1660.211486][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 1660.216136][ C0] ORIG_RAX: 000000000000002c [ 1660.220805][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 1660.220836][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1660.225825][ C0] RAX: ffffffffffffffda RBX: 00007fb93ca34620 RCX: 00007fb93bd7902c [ 1660.230733][ T30] ? _printk+0xd5/0x120 [ 1660.230757][ T30] ? __pfx__printk+0x10/0x10 [ 1660.230780][ T30] ? __wake_up_klogd+0x109/0x140 [ 1660.236646][ C0] RDX: 0000000000000028 RSI: 00007fb93ca34670 RDI: 0000000000000003 [ 1660.241160][ T30] ? __pfx__printk+0x10/0x10 [ 1660.241188][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 1660.246789][ C0] RBP: 0000000000000000 R08: 00007fff1d89f5e4 R09: 000000000000000c [ 1660.252844][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1660.252870][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 1660.257432][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1660.262001][ T30] watchdog+0xff4/0x1040 [ 1660.262024][ T30] ? watchdog+0x1ea/0x1040 [ 1660.267984][ C0] R13: 0000000000000000 R14: 00007fb93ca34670 R15: 0000000000000000 [ 1660.273565][ T30] ? __pfx_watchdog+0x10/0x10 [ 1660.273600][ T30] kthread+0x2f0/0x390 [ 1660.273619][ T30] ? __pfx_watchdog+0x10/0x10 [ 1660.273636][ T30] ? __pfx_kthread+0x10/0x10 [ 1660.278743][ C0] [ 1660.282774][ T30] ret_from_fork+0x4b/0x80 [ 1660.282802][ T30] ? __pfx_kthread+0x10/0x10 [ 1660.282819][ T30] ret_from_fork_asm+0x1a/0x30 [ 1660.287938][ C0] DEBUG: waiting rtnl_mutex for 605 jiffies. [ 1660.292518][ T30] [ 1660.293064][ T30] Sending NMI from CPU 1 to CPUs 0: [ 1660.296926][ C0] task:kworker/u8:10 state:D [ 1660.301856][ C0] NMI backtrace for cpu 0 [ 1660.301870][ C0] CPU: 0 UID: 0 PID: 6756 Comm: syz.4.332 Not tainted 6.11.0-rc1-next-20240729-syzkaller #0 [ 1660.301891][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1660.301902][ C0] RIP: 0010:delay_tsc+0x6b/0xe0 [ 1660.301927][ C0] Code: 39 f5 73 67 bf 01 00 00 00 e8 11 26 ad f5 65 8b 05 52 1c 4e 74 85 c0 74 2f f3 90 bf 01 00 00 00 e8 5a 24 ad f5 e8 35 f8 03 00 <41> 39 c7 75 20 0f 01 f9 66 90 48 89 d5 48 c1 e5 20 48 09 c5 48 29 [ 1660.301944][ C0] RSP: 0018:ffffc90000007378 EFLAGS: 00000086 [ 1660.301960][ C0] RAX: 0000000000000000 RBX: 00000354d5f62776 RCX: ffffffff94f2f903 [ 1660.301973][ C0] RDX: 0000000000000354 RSI: ffffffff8c607c20 RDI: ffffffff8c607be0 [ 1660.301986][ C0] RBP: 0000000000000820 R08: ffffffff8541c174 R09: 1ffff11004113046 [ 1660.301999][ C0] R10: dffffc0000000000 R11: ffffffff8bb5baa0 R12: dffffc0000000000 [ 1660.302013][ C0] R13: ffffffff94f6ff10 R14: 0000000000000899 R15: 0000000000000000 [ 1660.302025][ C0] FS: 00007fb8263506c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000 [ 1660.302041][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1660.302054][ C0] CR2: 000056275ac76058 CR3: 000000002ee06000 CR4: 00000000003506f0 [ 1660.302069][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1660.302080][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1660.302092][ C0] Call Trace: [ 1660.302100][ C0] [ 1660.302107][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1660.302128][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1660.302155][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1660.302175][ C0] ? nmi_handle+0x2a/0x5a0 [ 1660.302201][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1660.302223][ C0] ? nmi_handle+0x14f/0x5a0 [ 1660.302240][ C0] ? nmi_handle+0x2a/0x5a0 [ 1660.302258][ C0] ? delay_tsc+0x6b/0xe0 [ 1660.302277][ C0] ? default_do_nmi+0x63/0x160 [ 1660.302298][ C0] ? exc_nmi+0x123/0x1f0 [ 1660.302319][ C0] ? end_repeat_nmi+0xf/0x53 [ 1660.302342][ C0] ? __pfx_delay_tsc+0x10/0x10 [ 1660.302379][ C0] ? serial8250_console_write+0x1314/0x1ed0 [ 1660.302408][ C0] ? delay_tsc+0x6b/0xe0 [ 1660.302427][ C0] ? delay_tsc+0x6b/0xe0 [ 1660.302446][ C0] ? delay_tsc+0x6b/0xe0 [ 1660.302465][ C0] [ 1660.302471][ C0] [ 1660.302479][ C0] serial8250_console_write+0x1328/0x1ed0 [ 1660.302517][ C0] ? __pfx_serial8250_console_write+0x10/0x10 [ 1660.302543][ C0] ? __pfx_lock_release+0x10/0x10 [ 1660.302565][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 1660.302591][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1660.302613][ C0] ? __pfx_univ8250_console_write+0x10/0x10 [ 1660.302642][ C0] console_flush_all+0x880/0xf50 [ 1660.302665][ C0] ? mark_lock+0x9a/0x360 [ 1660.302689][ C0] ? console_flush_all+0x147/0xf50 [ 1660.302712][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 1660.302743][ C0] console_unlock+0x13b/0x4d0 [ 1660.302765][ C0] ? __pfx_console_unlock+0x10/0x10 [ 1660.302787][ C0] ? vprintk_emit+0x410/0x900 [ 1660.302808][ C0] ? vprintk_emit+0x761/0x900 [ 1660.302828][ C0] vprintk_emit+0x7a1/0x900 [ 1660.302850][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 1660.302871][ C0] ? vprintk_emit+0x761/0x900 [ 1660.302895][ C0] _printk+0xd5/0x120 [ 1660.302919][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 1660.302939][ C0] ? __pfx__printk+0x10/0x10 [ 1660.302970][ C0] sched_show_task+0x268/0x6d0 [ 1660.302991][ C0] ? report_rtnl_holders+0x2a5/0x400 [ 1660.303016][ C0] ? __pfx__printk+0x10/0x10 [ 1660.303040][ C0] ? __pfx_sched_show_task+0x10/0x10 [ 1660.303060][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1660.303085][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1660.303114][ C0] report_rtnl_holders+0x327/0x400 [ 1660.303142][ C0] call_timer_fn+0x18e/0x650 [ 1660.303161][ C0] ? call_timer_fn+0xc0/0x650 [ 1660.303178][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1660.303201][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 1660.303221][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1660.303246][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1660.303269][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1660.303292][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 1660.303315][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 1660.303338][ C0] ? __pfx_report_rtnl_holders+0x10/0x10 [ 1660.303363][ C0] __run_timer_base+0x66a/0x8e0 [ 1660.303394][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 1660.303424][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1660.303452][ C0] run_timer_softirq+0xb7/0x170 [ 1660.303469][ C0] handle_softirqs+0x2c4/0x970 [ 1660.303495][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 1660.303519][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1660.303543][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 1660.303570][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 1660.303592][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 1660.303620][ C0] irq_exit_rcu+0x9/0x30 [ 1660.303644][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1660.303669][ C0] [ 1660.303675][ C0] [ 1660.303682][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1660.303704][ C0] RIP: 0010:unwind_next_frame+0x1e56/0x2a00 [ 1660.303730][ C0] Code: 40 d7 03 00 48 39 03 4c 8b 7c 24 08 0f 84 42 01 00 00 e8 cd a5 52 00 e9 06 fd ff ff e8 c3 a5 52 00 eb 0c e8 bc a5 52 00 eb 05 b5 a5 52 00 bf 01 00 00 00 e8 4b bb 21 00 65 8b 1d 8c b1 c2 7e [ 1660.303745][ C0] RSP: 0018:ffffc900046570a8 EFLAGS: 00000202 [ 1660.303760][ C0] RAX: 0000000000000002 RBX: ffffc90004658000 RCX: ffff888020e68000 [ 1660.303773][ C0] RDX: ffff888020e68000 RSI: ffffc900046579c0 RDI: ffffc90004657d28 [ 1660.303786][ C0] RBP: ffffc90004657180 R08: ffffffff81412545 R09: ffffffff814120bf [ 1660.303800][ C0] R10: 0000000000000003 R11: ffff888020e68000 R12: ffffc90004657d28 [ 1660.303813][ C0] R13: dffffc0000000000 R14: ffffc90004650000 R15: ffffc90004657d30 [ 1660.303830][ C0] ? unwind_next_frame+0x196f/0x2a00 [ 1660.303854][ C0] ? unwind_next_frame+0x1df5/0x2a00 [ 1660.303883][ C0] ? unwind_next_frame+0x1df5/0x2a00 [ 1660.303913][ C0] ? ovl_iterate+0x11a3/0x21d0 [ 1660.303932][ C0] ? ovl_iterate+0x11a3/0x21d0 [ 1660.303948][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1660.303973][ C0] arch_stack_walk+0x151/0x1b0 [ 1660.303994][ C0] ? wrap_directory_iterator+0x94/0xe0 [ 1660.304023][ C0] stack_trace_save+0x118/0x1d0 [ 1660.304047][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1660.304072][ C0] ? mark_lock+0x9a/0x360 [ 1660.304101][ C0] kasan_save_track+0x3f/0x80 [ 1660.304117][ C0] ? kasan_save_track+0x3f/0x80 [ 1660.304132][ C0] ? kasan_save_free_info+0x40/0x50 [ 1660.304155][ C0] ? poison_slab_object+0xe0/0x150 [ 1660.304171][ C0] ? __kasan_slab_free+0x37/0x60 [ 1660.304188][ C0] ? kmem_cache_free+0x145/0x350 [ 1660.304208][ C0] ? ntfs_readdir+0xba4/0xf00 [ 1660.304225][ C0] ? iterate_dir+0x57a/0x810 [ 1660.304248][ C0] ? ovl_dir_read+0xfe/0x570 [ 1660.304263][ C0] ? ovl_dir_read_merged+0x313/0x5e0 [ 1660.304279][ C0] ? ovl_iterate+0x11a3/0x21d0 [ 1660.304318][ C0] ? indx_used_bit+0x20c/0x3a0 [ 1660.304340][ C0] ? ntfs_readdir+0xba4/0xf00 [ 1660.304357][ C0] kasan_save_free_info+0x40/0x50 [ 1660.304379][ C0] poison_slab_object+0xe0/0x150 [ 1660.304397][ C0] ? ntfs_readdir+0xba4/0xf00 [ 1660.304414][ C0] __kasan_slab_free+0x37/0x60 [ 1660.304431][ C0] kmem_cache_free+0x145/0x350 [ 1660.304455][ C0] ntfs_readdir+0xba4/0xf00 [ 1660.304482][ C0] ? __pfx_ntfs_readdir+0x10/0x10 [ 1660.304499][ C0] ? end_current_label_crit_section+0x151/0x180 [ 1660.304526][ C0] ? bpf_lsm_file_permission+0x9/0x10 [ 1660.304548][ C0] iterate_dir+0x57a/0x810 [ 1660.304576][ C0] ovl_dir_read+0xfe/0x570 [ 1660.304594][ C0] ? ovl_path_next+0x23b/0x470 [ 1660.304618][ C0] ovl_dir_read_merged+0x313/0x5e0 [ 1660.304644][ C0] ? __pfx_ovl_dir_read_merged+0x10/0x10 [ 1660.304662][ C0] ? __pfx_ovl_fill_merge+0x10/0x10 [ 1660.304685][ C0] ? ovl_iterate+0x10e3/0x21d0 [ 1660.304705][ C0] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 1660.304730][ C0] ovl_iterate+0x11a3/0x21d0 [ 1660.304752][ C0] ? __lock_acquire+0x1384/0x2050 [ 1660.304779][ C0] ? __pfx_ovl_iterate+0x10/0x10 [ 1660.304807][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1660.304832][ C0] ? __pfx___might_resched+0x10/0x10 [ 1660.304863][ C0] ? down_write+0x18c/0x220 [ 1660.304882][ C0] ? __pfx_down_write+0x10/0x10 [ 1660.304901][ C0] ? end_current_label_crit_section+0x151/0x180 [ 1660.304924][ C0] ? common_file_perm+0x1a6/0x210 [ 1660.304947][ C0] ? __pfx_ovl_iterate+0x10/0x10 [ 1660.304964][ C0] wrap_directory_iterator+0x94/0xe0 [ 1660.304990][ C0] iterate_dir+0x57a/0x810 [ 1660.305018][ C0] __se_sys_getdents+0x1ef/0x4d0 [ 1660.305047][ C0] ? __pfx___se_sys_getdents+0x10/0x10 [ 1660.305071][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1660.305094][ C0] ? __pfx_filldir+0x10/0x10 [ 1660.305110][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1660.305135][ C0] ? do_syscall_64+0x100/0x230 [ 1660.305154][ C0] ? do_syscall_64+0xb6/0x230 [ 1660.305172][ C0] do_syscall_64+0xf3/0x230 [ 1660.305188][ C0] ? clear_bhb_loop+0x35/0x90 [ 1660.305210][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1660.305229][ C0] RIP: 0033:0x7fb825577299 [ 1660.305245][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1660.305260][ C0] RSP: 002b:00007fb826350048 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 1660.305277][ C0] RAX: ffffffffffffffda RBX: 00007fb825705f80 RCX: 00007fb825577299 [ 1660.305290][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 1660.305301][ C0] RBP: 00007fb8255e48e6 R08: 0000000000000000 R09: 0000000000000000 [ 1660.305313][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1660.305324][ C0] R13: 000000000000000b R14: 00007fb825705f80 R15: 00007ffd2fed90e8 [ 1660.305345][ C0] [ 1660.450043][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1660.450063][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc1-next-20240729-syzkaller #0 [ 1660.450086][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1660.450098][ T30] Call Trace: [ 1660.450106][ T30] [ 1660.450115][ T30] dump_stack_lvl+0x241/0x360 [ 1660.450142][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1660.450160][ T30] ? __pfx__printk+0x10/0x10 [ 1660.450182][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1660.450212][ T30] ? vscnprintf+0x5d/0x90 [ 1660.450233][ T30] panic+0x349/0x870 [ 1660.450258][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1660.450280][ T30] ? __pfx_panic+0x10/0x10 [ 1660.450301][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 1660.450322][ T30] ? __irq_work_queue_local+0x137/0x410 [ 1660.450349][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 1660.450368][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 1660.450388][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 1660.450411][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 1660.450435][ T30] watchdog+0x1033/0x1040 [ 1660.450454][ T30] ? watchdog+0x1ea/0x1040 [ 1660.450477][ T30] ? __pfx_watchdog+0x10/0x10 [ 1660.450493][ T30] kthread+0x2f0/0x390 [ 1660.450511][ T30] ? __pfx_watchdog+0x10/0x10 [ 1660.450527][ T30] ? __pfx_kthread+0x10/0x10 [ 1660.450545][ T30] ret_from_fork+0x4b/0x80 [ 1660.450566][ T30] ? __pfx_kthread+0x10/0x10 [ 1660.450583][ T30] ret_from_fork_asm+0x1a/0x30 [ 1660.450622][ T30] [ 1660.454264][ T30] Kernel Offset: disabled