syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) Bluetooth: hci6: command 0x0406 tx timeout watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [syz-executor.0:10694] Modules linked in: irq event stamp: 2899037 hardirqs last enabled at (2899036): [] irqentry_exit+0x3b/0x90 hardirqs last disabled at (2899037): [] sysvec_apic_timer_interrupt+0xf/0x80 softirqs last enabled at (2898070): [] handle_softirqs+0x50c/0x770 softirqs last disabled at (2898073): [] irq_exit_rcu+0x94/0xc0 CPU: 0 UID: 0 PID: 10694 Comm: syz-executor.0 Not tainted 6.12.0-rc3-next-20241016 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:get_stack_info+0x16/0xa0 Code: 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 54 49 89 d4 55 48 89 cd 53 65 48 8b 1d 4a ea f9 7e <48> 85 f6 74 03 48 89 f3 48 85 ff 74 62 4c 89 e2 48 89 de e8 e2 2c RSP: 0018:ffff88806ce095b8 EFLAGS: 00000246 RAX: dffffc0000000000 RBX: ffff88800b6dd280 RCX: ffff88806ce09648 RDX: ffff88806ce09628 RSI: ffff88800b6dd280 RDI: ffff88806ce095d8 RBP: ffff88806ce09648 R08: 0000000000000001 R09: 0000000000000000 R10: ffff88806ce09628 R11: 00000000ffffffff R12: ffff88806ce09628 R13: ffff88806ce09650 R14: ffff88806ce09670 R15: ffff88806ce09628 FS: 00007fd6f3cda700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007faea0c91b80 CR3: 00000000159c0000 CR4: 0000000000350ef0 Call Trace: __unwind_start+0x4aa/0x7c0 arch_stack_walk+0x63/0xf0 stack_trace_save+0x8f/0xc0 kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 __kasan_slab_alloc+0x59/0x70 kmem_cache_alloc_noprof+0x13d/0x3d0 __alloc_object+0x2f/0x270 __create_object+0x1d/0x80 kmem_cache_alloc_node_noprof+0x311/0x3e0 kmalloc_reserve+0x189/0x2b0 __alloc_skb+0x162/0x370 ndisc_alloc_skb+0x133/0x330 ndisc_send_rs+0x223/0x540 addrconf_rs_timer+0x2e7/0x7a0 call_timer_fn+0x198/0x5c0 __run_timer_base.part.0+0x688/0x950 run_timer_softirq+0xf9/0x1d0 handle_softirqs+0x1b1/0x770 irq_exit_rcu+0x94/0xc0 sysvec_apic_timer_interrupt+0x70/0x80 asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0010:mas_next_slot+0x741/0x1ac0 Code: ff 89 de e8 71 81 d6 fc 84 db 0f 85 39 0c 00 00 e8 94 7e d6 fc 4c 89 ff e8 bc ef ff ff 31 ff 89 c3 89 c6 e8 b1 81 d6 fc 85 db <0f> 85 ad 0a 00 00 e8 74 7e d6 fc 48 8b 44 24 68 83 44 24 28 01 80 RSP: 0018:ffff88803fd1f9f0 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff847afd9f RDX: ffff88800b6dd280 RSI: 0000000000000000 RDI: 0000000000000005 RBP: ffff888035449c00 R08: 0000000000000001 R09: ffffed1002bc1966 R10: 0000000000000000 R11: ffff88800b6dd728 R12: 0000000000000007 R13: ffff888035449c00 R14: dffffc0000000000 R15: ffff88803fd1fb28 mas_find+0x2c6/0x550 acct_collect+0x1db/0x880 do_exit+0x7b5/0x2a30 do_group_exit+0xd3/0x2a0 get_signal+0x219f/0x23d0 arch_do_signal_or_restart+0x81/0x780 syscall_exit_to_user_mode+0x123/0x1e0 do_syscall_64+0xcc/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fd6f6785b19 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fd6f3cda188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: 0000000000000005 RBX: 00007fd6f6899020 RCX: 00007fd6f6785b19 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 RBP: 00007fd6f67dff6d R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe9b86c7bf R14: 00007fd6f3cda300 R15: 0000000000022000 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 822 Comm: kworker/u10:7 Not tainted 6.12.0-rc3-next-20241016 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 Workqueue: events_unbound cfg80211_wiphy_work RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x80 Code: c0 e9 dc f4 32 03 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 34 24 <65> 48 8b 15 90 2a b2 7e 65 8b 05 91 2a b2 7e a9 00 01 ff 00 74 27 RSP: 0018:ffff888015f57980 EFLAGS: 00000297 RAX: 0000000000000000 RBX: 0000000000000008 RCX: ffffffff845d1749 RDX: ffff888016e73700 RSI: ffffffff845d1757 RDI: 0000000000000006 RBP: 0000000000000000 R08: 0000000000000001 R09: ffff888016e74138 R10: 000000000000000c R11: 0000000000000116 R12: 0000000000000008 R13: 000000000000000c R14: ffff88803ecdb088 R15: 000000000000000a FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007faea0d3d4c0 CR3: 0000000019776000 CR4: 0000000000350ef0 Call Trace: ieee80211_sta_get_rates+0x317/0x5e0 ieee80211_ibss_rx_queued_mgmt+0x1092/0x2f90 ieee80211_iface_work+0xb5f/0xe40 cfg80211_wiphy_work+0x38d/0x610 process_one_work+0x8ee/0x1a00 worker_thread+0x674/0xe70 kthread+0x2c2/0x3a0 ret_from_fork+0x48/0x80 ret_from_fork_asm+0x1a/0x30 ---------------- Code disassembly (best guess), 1 bytes skipped: 0: 44 00 00 add %r8b,(%rax) 3: 90 nop 4: 90 nop 5: 90 nop 6: 90 nop 7: 90 nop 8: 90 nop 9: 90 nop a: 90 nop b: 90 nop c: 90 nop d: 90 nop e: 90 nop f: 90 nop 10: 90 nop 11: 90 nop 12: 90 nop 13: 66 0f 1f 00 nopw (%rax) 17: 41 54 push %r12 19: 49 89 d4 mov %rdx,%r12 1c: 55 push %rbp 1d: 48 89 cd mov %rcx,%rbp 20: 53 push %rbx 21: 65 48 8b 1d 4a ea f9 mov %gs:0x7ef9ea4a(%rip),%rbx # 0x7ef9ea73 28: 7e * 29: 48 85 f6 test %rsi,%rsi <-- trapping instruction 2c: 74 03 je 0x31 2e: 48 89 f3 mov %rsi,%rbx 31: 48 85 ff test %rdi,%rdi 34: 74 62 je 0x98 36: 4c 89 e2 mov %r12,%rdx 39: 48 89 de mov %rbx,%rsi 3c: e8 .byte 0xe8 3d: e2 2c loop 0x6b