syzkaller login: [ 261.945608][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 261.997290][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 262.028771][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:60818' (ECDSA) to the list of known hosts.
1970/01/01 00:05:29 fuzzer started
1970/01/01 00:05:43 dialing manager at localhost:33227
[ 349.788241][ T2025] cgroup: Unknown subsys name 'net'
[ 350.729470][ T2025] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:50 syscalls: 2918
1970/01/01 00:05:50 code coverage: enabled
1970/01/01 00:05:50 comparison tracing: ioctl(KCOV_DISABLE) failed: invalid argument
1970/01/01 00:05:50 extra coverage: enabled
1970/01/01 00:05:50 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:50 setuid sandbox: enabled
1970/01/01 00:05:50 namespace sandbox: enabled
1970/01/01 00:05:50 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:50 fault injection: enabled
1970/01/01 00:05:50 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:50 net packet injection: enabled
1970/01/01 00:05:50 net device setup: enabled
1970/01/01 00:05:50 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:50 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:50 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:05:50 USB emulation: enabled
1970/01/01 00:05:50 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:50 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:50 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:50 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:55 fetching corpus: 50, signal 33301/36749 (executing program)
1970/01/01 00:05:57 fetching corpus: 100, signal 46098/50952 (executing
program) 1970/01/01 00:06:01 fetching corpus: 150, signal 52790/59027 (executing program) 1970/01/01 00:06:04 fetching corpus: 200, signal 59828/67323 (executing program) 1970/01/01 00:06:07 fetching corpus: 249, signal 63813/72576 (executing program) 1970/01/01 00:06:09 fetching corpus: 299, signal 69390/79242 (executing program) 1970/01/01 00:06:11 fetching corpus: 349, signal 74701/85603 (executing program) 1970/01/01 00:06:14 fetching corpus: 399, signal 77828/89846 (executing program) 1970/01/01 00:06:16 fetching corpus: 447, signal 80887/93943 (executing program) 1970/01/01 00:06:19 fetching corpus: 497, signal 83937/97996 (executing program) 1970/01/01 00:06:22 fetching corpus: 546, signal 87445/102336 (executing program) 1970/01/01 00:06:26 fetching corpus: 596, signal 92180/107776 (executing program) 1970/01/01 00:06:28 fetching corpus: 645, signal 94465/110993 (executing program) 1970/01/01 00:06:31 fetching corpus: 695, signal 96773/114199 (executing program) 1970/01/01 00:06:34 fetching corpus: 745, signal 99397/117577 (executing program) 1970/01/01 00:06:36 fetching corpus: 795, signal 101747/120740 (executing program) 1970/01/01 00:06:39 fetching corpus: 845, signal 105220/124791 (executing program) 1970/01/01 00:06:44 fetching corpus: 895, signal 109360/129381 (executing program) 1970/01/01 00:06:46 fetching corpus: 944, signal 111042/131828 (executing program) 1970/01/01 00:06:48 fetching corpus: 994, signal 113498/134895 (executing program) 1970/01/01 00:06:51 fetching corpus: 1043, signal 115079/137258 (executing program) 1970/01/01 00:06:53 fetching corpus: 1093, signal 116899/139700 (executing program) 1970/01/01 00:06:55 fetching corpus: 1143, signal 119073/142404 (executing program) 1970/01/01 00:06:57 fetching corpus: 1193, signal 120197/144264 (executing program) 1970/01/01 00:06:59 fetching corpus: 1243, signal 122093/146662 (executing program) 1970/01/01 00:07:02 fetching corpus: 1292, signal 124547/149478 (executing program) 1970/01/01 
00:07:04 fetching corpus: 1342, signal 126893/152209 (executing program) 1970/01/01 00:07:05 fetching corpus: 1391, signal 127821/153836 (executing program) 1970/01/01 00:07:07 fetching corpus: 1441, signal 128907/155521 (executing program) 1970/01/01 00:07:09 fetching corpus: 1491, signal 130293/157414 (executing program) 1970/01/01 00:07:11 fetching corpus: 1541, signal 132010/159450 (executing program) 1970/01/01 00:07:12 fetching corpus: 1591, signal 133283/161240 (executing program) 1970/01/01 00:07:14 fetching corpus: 1641, signal 134639/163065 (executing program) 1970/01/01 00:07:17 fetching corpus: 1690, signal 135895/164833 (executing program) 1970/01/01 00:07:19 fetching corpus: 1739, signal 137284/166634 (executing program) 1970/01/01 00:07:21 fetching corpus: 1787, signal 138908/168558 (executing program) 1970/01/01 00:07:24 fetching corpus: 1837, signal 139963/170089 (executing program) 1970/01/01 00:07:26 fetching corpus: 1887, signal 141066/171638 (executing program) 1970/01/01 00:07:27 fetching corpus: 1937, signal 142381/173319 (executing program) 1970/01/01 00:07:29 fetching corpus: 1987, signal 143385/174695 (executing program) 1970/01/01 00:07:31 fetching corpus: 2037, signal 144464/176146 (executing program) 1970/01/01 00:07:33 fetching corpus: 2087, signal 145440/177499 (executing program) 1970/01/01 00:07:35 fetching corpus: 2137, signal 146157/178711 (executing program) 1970/01/01 00:07:37 fetching corpus: 2186, signal 147441/180238 (executing program) 1970/01/01 00:07:39 fetching corpus: 2235, signal 148915/181845 (executing program) 1970/01/01 00:07:42 fetching corpus: 2285, signal 150277/183318 (executing program) 1970/01/01 00:07:44 fetching corpus: 2334, signal 151366/184678 (executing program) 1970/01/01 00:07:47 fetching corpus: 2384, signal 152303/185910 (executing program) 1970/01/01 00:07:50 fetching corpus: 2433, signal 152992/186969 (executing program) 1970/01/01 00:07:53 fetching corpus: 2482, signal 153974/188237 (executing 
program) 1970/01/01 00:07:56 fetching corpus: 2532, signal 154904/189415 (executing program) 1970/01/01 00:07:59 fetching corpus: 2582, signal 156057/190694 (executing program) 1970/01/01 00:08:02 fetching corpus: 2631, signal 157034/191882 (executing program) 1970/01/01 00:08:04 fetching corpus: 2681, signal 158720/193396 (executing program) 1970/01/01 00:08:07 fetching corpus: 2731, signal 159688/194512 (executing program) 1970/01/01 00:08:10 fetching corpus: 2781, signal 160506/195586 (executing program) 1970/01/01 00:08:13 fetching corpus: 2831, signal 161868/196888 (executing program) 1970/01/01 00:08:16 fetching corpus: 2880, signal 162905/197985 (executing program) 1970/01/01 00:08:18 fetching corpus: 2930, signal 163894/199059 (executing program) 1970/01/01 00:08:20 fetching corpus: 2980, signal 164768/200091 (executing program) 1970/01/01 00:08:23 fetching corpus: 3030, signal 165477/201015 (executing program) 1970/01/01 00:08:25 fetching corpus: 3080, signal 166370/201961 (executing program) 1970/01/01 00:08:27 fetching corpus: 3130, signal 167320/202932 (executing program) 1970/01/01 00:08:30 fetching corpus: 3179, signal 168047/203824 (executing program) 1970/01/01 00:08:32 fetching corpus: 3229, signal 168792/204709 (executing program) 1970/01/01 00:08:35 fetching corpus: 3279, signal 169875/205698 (executing program) 1970/01/01 00:08:37 fetching corpus: 3329, signal 170824/206630 (executing program) 1970/01/01 00:08:40 fetching corpus: 3379, signal 172123/207673 (executing program) 1970/01/01 00:08:42 fetching corpus: 3429, signal 172723/208417 (executing program) 1970/01/01 00:08:44 fetching corpus: 3479, signal 173311/209209 (executing program) 1970/01/01 00:08:47 fetching corpus: 3529, signal 174229/210037 (executing program) 1970/01/01 00:08:50 fetching corpus: 3579, signal 175061/210829 (executing program) 1970/01/01 00:08:52 fetching corpus: 3628, signal 175804/211569 (executing program) 1970/01/01 00:08:54 fetching corpus: 3678, signal 
176558/212345 (executing program) 1970/01/01 00:08:56 fetching corpus: 3728, signal 177109/212996 (executing program) 1970/01/01 00:09:00 fetching corpus: 3778, signal 177786/213736 (executing program) 1970/01/01 00:09:03 fetching corpus: 3827, signal 178762/214538 (executing program) 1970/01/01 00:09:06 fetching corpus: 3877, signal 179742/215305 (executing program) 1970/01/01 00:09:08 fetching corpus: 3927, signal 180441/215943 (executing program) 1970/01/01 00:09:11 fetching corpus: 3977, signal 181090/216629 (executing program) 1970/01/01 00:09:15 fetching corpus: 4027, signal 181894/217305 (executing program) 1970/01/01 00:09:17 fetching corpus: 4074, signal 182472/217912 (executing program) 1970/01/01 00:09:19 fetching corpus: 4123, signal 183417/218629 (executing program) 1970/01/01 00:09:21 fetching corpus: 4173, signal 184110/219212 (executing program) 1970/01/01 00:09:23 fetching corpus: 4223, signal 184774/219794 (executing program) 1970/01/01 00:09:25 fetching corpus: 4273, signal 185301/220344 (executing program) 1970/01/01 00:09:28 fetching corpus: 4323, signal 185842/220893 (executing program) 1970/01/01 00:09:31 fetching corpus: 4373, signal 186368/221446 (executing program) 1970/01/01 00:09:33 fetching corpus: 4422, signal 187479/222095 (executing program) 1970/01/01 00:09:35 fetching corpus: 4471, signal 188044/222611 (executing program) 1970/01/01 00:09:38 fetching corpus: 4521, signal 188647/223127 (executing program) 1970/01/01 00:10:15 fetching corpus: 4571, signal 189354/223665 (executing program) 1970/01/01 00:10:16 fetching corpus: 4618, signal 189908/224198 (executing program) 1970/01/01 00:10:19 fetching corpus: 4668, signal 190681/224685 (executing program) 1970/01/01 00:10:22 fetching corpus: 4718, signal 191169/225109 (executing program) 1970/01/01 00:10:24 fetching corpus: 4768, signal 191968/225607 (executing program) 1970/01/01 00:10:27 fetching corpus: 4818, signal 192630/226045 (executing program) 1970/01/01 00:10:28 fetching 
corpus: 4868, signal 193248/226492 (executing program) 1970/01/01 00:10:30 fetching corpus: 4918, signal 193804/226923 (executing program) 1970/01/01 00:10:32 fetching corpus: 4967, signal 194323/227314 (executing program) 1970/01/01 00:10:34 fetching corpus: 5017, signal 194815/227681 (executing program) 1970/01/01 00:10:37 fetching corpus: 5067, signal 195430/228053 (executing program) 1970/01/01 00:10:40 fetching corpus: 5115, signal 196001/228451 (executing program) 1970/01/01 00:10:42 fetching corpus: 5165, signal 196838/228838 (executing program) 1970/01/01 00:10:44 fetching corpus: 5215, signal 197435/229226 (executing program) 1970/01/01 00:10:46 fetching corpus: 5265, signal 198184/229589 (executing program) 1970/01/01 00:10:49 fetching corpus: 5315, signal 198729/229928 (executing program) 1970/01/01 00:10:52 fetching corpus: 5365, signal 199713/230287 (executing program) 1970/01/01 00:10:54 fetching corpus: 5413, signal 200227/230625 (executing program) 1970/01/01 00:10:56 fetching corpus: 5463, signal 200720/230937 (executing program) 1970/01/01 00:10:59 fetching corpus: 5512, signal 201349/231237 (executing program) 1970/01/01 00:11:00 fetching corpus: 5562, signal 201812/231521 (executing program) 1970/01/01 00:11:03 fetching corpus: 5612, signal 202381/231782 (executing program) 1970/01/01 00:11:06 fetching corpus: 5662, signal 203022/232039 (executing program) 1970/01/01 00:11:08 fetching corpus: 5712, signal 203662/232292 (executing program) 1970/01/01 00:11:10 fetching corpus: 5762, signal 204181/232343 (executing program) 1970/01/01 00:11:12 fetching corpus: 5812, signal 204637/232343 (executing program) 1970/01/01 00:11:13 fetching corpus: 5862, signal 205065/232343 (executing program) 1970/01/01 00:11:15 fetching corpus: 5912, signal 205496/232343 (executing program) 1970/01/01 00:11:18 fetching corpus: 5962, signal 205965/232371 (executing program) 1970/01/01 00:11:19 fetching corpus: 6012, signal 206354/232371 (executing program) 1970/01/01 
00:11:22 fetching corpus: 6062, signal 206795/232375 (executing program) 1970/01/01 00:11:24 fetching corpus: 6112, signal 207430/232375 (executing program) 1970/01/01 00:11:25 fetching corpus: 6162, signal 207951/232375 (executing program) 1970/01/01 00:11:28 fetching corpus: 6212, signal 208622/232382 (executing program) 1970/01/01 00:11:31 fetching corpus: 6262, signal 209526/232388 (executing program) 1970/01/01 00:11:32 fetching corpus: 6312, signal 209917/232388 (executing program) 1970/01/01 00:11:34 fetching corpus: 6362, signal 210273/232388 (executing program) 1970/01/01 00:11:37 fetching corpus: 6412, signal 210862/232388 (executing program) 1970/01/01 00:11:39 fetching corpus: 6462, signal 211334/232388 (executing program) 1970/01/01 00:11:42 fetching corpus: 6512, signal 211892/232388 (executing program) 1970/01/01 00:11:44 fetching corpus: 6562, signal 212327/232388 (executing program) 1970/01/01 00:11:46 fetching corpus: 6612, signal 212711/232407 (executing program) 1970/01/01 00:11:49 fetching corpus: 6662, signal 213091/232407 (executing program) 1970/01/01 00:11:56 fetching corpus: 6712, signal 213863/232407 (executing program) 1970/01/01 00:11:58 fetching corpus: 6762, signal 214297/232407 (executing program) 1970/01/01 00:12:00 fetching corpus: 6812, signal 214945/232408 (executing program) 1970/01/01 00:12:03 fetching corpus: 6862, signal 215229/232408 (executing program) 1970/01/01 00:12:04 fetching corpus: 6911, signal 215515/232421 (executing program) 1970/01/01 00:12:06 fetching corpus: 6961, signal 215862/232421 (executing program) 1970/01/01 00:12:08 fetching corpus: 7011, signal 216190/232421 (executing program) 1970/01/01 00:12:11 fetching corpus: 7061, signal 216713/232421 (executing program) 1970/01/01 00:12:13 fetching corpus: 7110, signal 217308/232432 (executing program) 1970/01/01 00:12:15 fetching corpus: 7160, signal 217668/232432 (executing program) 1970/01/01 00:12:18 fetching corpus: 7210, signal 218247/232432 (executing 
program) 1970/01/01 00:12:19 fetching corpus: 7260, signal 218646/232432 (executing program) 1970/01/01 00:12:21 fetching corpus: 7310, signal 218980/232442 (executing program) 1970/01/01 00:12:23 fetching corpus: 7360, signal 219364/232442 (executing program) 1970/01/01 00:12:26 fetching corpus: 7410, signal 219795/232442 (executing program) 1970/01/01 00:12:29 fetching corpus: 7460, signal 220113/232442 (executing program) 1970/01/01 00:12:32 fetching corpus: 7508, signal 220685/232549 (executing program) 1970/01/01 00:12:36 fetching corpus: 7557, signal 221008/232549 (executing program) 1970/01/01 00:12:38 fetching corpus: 7607, signal 221439/232549 (executing program) 1970/01/01 00:12:40 fetching corpus: 7657, signal 221841/232555 (executing program) 1970/01/01 00:12:42 fetching corpus: 7707, signal 222417/232555 (executing program) 1970/01/01 00:12:45 fetching corpus: 7757, signal 223329/232555 (executing program) 1970/01/01 00:12:48 fetching corpus: 7807, signal 223721/232555 (executing program) 1970/01/01 00:12:53 fetching corpus: 7857, signal 224260/232563 (executing program) 1970/01/01 00:12:55 fetching corpus: 7907, signal 224823/232563 (executing program) 1970/01/01 00:12:58 fetching corpus: 7957, signal 225283/232564 (executing program) 1970/01/01 00:13:00 fetching corpus: 8007, signal 225654/232564 (executing program) 1970/01/01 00:13:01 fetching corpus: 8057, signal 225957/232564 (executing program) 1970/01/01 00:13:04 fetching corpus: 8107, signal 226687/232564 (executing program) 1970/01/01 00:13:06 fetching corpus: 8157, signal 227053/232566 (executing program) 1970/01/01 00:13:08 fetching corpus: 8207, signal 227435/232566 (executing program) 1970/01/01 00:13:13 fetching corpus: 8257, signal 227859/232566 (executing program) 1970/01/01 00:13:16 fetching corpus: 8307, signal 228225/232579 (executing program) 1970/01/01 00:13:18 fetching corpus: 8357, signal 228613/232579 (executing program) 1970/01/01 00:13:20 fetching corpus: 8407, signal 
228896/232579 (executing program)
1970/01/01 00:13:22 fetching corpus: 8457, signal 229307/232579 (executing program)
1970/01/01 00:13:24 fetching corpus: 8507, signal 229678/232592 (executing program)
1970/01/01 00:13:26 fetching corpus: 8557, signal 230116/232592 (executing program)
1970/01/01 00:13:29 fetching corpus: 8607, signal 230558/232592 (executing program)
1970/01/01 00:13:30 fetching corpus: 8654, signal 230950/232602 (executing program)
1970/01/01 00:13:30 fetching corpus: 8654, signal 230952/232602 (executing program)
1970/01/01 00:13:30 fetching corpus: 8654, signal 230952/232602 (executing program)
1970/01/01 00:15:15 starting 2 fuzzer processes
00:15:15 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x3, &(0x7f0000000000)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001780)={r0, 0x0, 0xe, 0x0, &(0x7f0000000080)="9636244be76527a4f8d9cf3559a2", 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000700)="11", 0x0}, 0x48)
00:15:15 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x3, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000ffffffbd0a00000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
[ 933.541406][ C0] hrtimer: interrupt took 12003900 ns
[ 943.189979][ T2043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 943.788241][ T2043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 945.193634][ T2044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 945.774995][ T2044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 952.783798][ C0] ==================================================================
[ 952.787388][ C0]
[ 952.787510][ C0] ======================================================
[ 952.787612][ C0] WARNING: possible circular locking dependency detected
[ 952.787851][ C0] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 952.788116][ C0] ------------------------------------------------------
[ 952.788211][ C0] syz-executor.1/2044 is trying to acquire lock:
[ 952.788409][ C0] ffffffff84a888e0 (console_owner){-.-.}-{0:0}, at: console_unlock+0x2b2/0x97a
[ 952.789533][ C0]
[ 952.789533][ C0] but task is already holding lock:
[ 952.789623][ C0] ffffffff84c3a588 (report_lock){-.-.}-{2:2}, at: kasan_report+0x84/0x1e0
[ 952.790257][ C0]
[ 952.790257][ C0] which lock already depends on the new lock.
[ 952.790257][ C0]
[ 952.790362][ C0]
[ 952.790362][ C0] the existing dependency chain (in reverse order) is:
[ 952.790455][ C0]
[ 952.790455][ C0] -> #7 (report_lock){-.-.}-{2:2}:
[ 952.790885][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.791445][ C0]
[ 952.791445][ C0] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 952.791862][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.792143][ C0] lock_acquire+0x54/0x6a
[ 952.792370][ C0] _raw_spin_lock_irqsave+0x3e/0x62
[ 952.792620][ C0] hrtimer_start_range_ns+0x9e/0x6dc
[ 952.792872][ C0] enqueue_task_rt+0x520/0x568
[ 952.793089][ C0] enqueue_task+0x66/0x136
[ 952.793357][ C0] __sched_setscheduler.constprop.0+0x704/0xdd4
[ 952.793666][ C0] sched_set_fifo+0xc8/0x108
[ 952.793950][ C0] drm_vblank_worker_init+0xea/0x10c
[ 952.794207][ C0] drm_vblank_init+0xec/0x24e
[ 952.794492][ C0] vkms_init+0x272/0x45c
[ 952.794766][ C0] do_one_initcall+0x13a/0x7ea
[ 952.794973][ C0] kernel_init_freeable+0x510/0x5b4
[ 952.795250][ C0] kernel_init+0x28/0x21c
[ 952.795496][ C0] ret_from_exception+0x0/0x10
[ 952.795730][ C0]
[ 952.795730][ C0] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}:
[ 952.796063][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.796345][ C0] lock_acquire+0x54/0x6a
[ 952.796583][ C0] _raw_spin_lock+0x32/0x48
[ 952.796827][ C0] rq_online_rt+0x78/0x1b8
[ 952.797015][ C0] set_rq_online.part.0+0xaa/0xc2
[ 952.797262][ C0] sched_cpu_activate+0x1c0/0x250
[ 952.797472][ C0] cpuhp_invoke_callback+0x282/0x504
[ 952.797712][ C0] cpuhp_thread_fun+0x2f6/0x4b0
[ 952.797952][ C0] smpboot_thread_fn+0x448/0x6cc
[ 952.798224][ C0] kthread+0x19e/0x1fa
[ 952.798477][ C0] ret_from_exception+0x0/0x10
[ 952.798714][ C0]
[ 952.798714][ C0] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 952.799037][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.799319][ C0] lock_acquire+0x54/0x6a
[ 952.799550][ C0] _raw_spin_lock_nested+0x36/0x4e
[ 952.799788][ C0] raw_spin_rq_lock_nested+0x22/0x34
[ 952.800040][ C0] task_fork_fair+0xa8/0x218
[ 952.800299][ C0] sched_post_fork+0x16e/0x196
[ 952.800568][ C0] copy_process+0x3378/0x3c34
[ 952.800899][ C0] kernel_clone+0xee/0x920
[ 952.801161][ C0] kernel_thread+0xf8/0x130
[ 952.801406][ C0] rest_init+0x34/0x3f2
[ 952.801676][ C0] arch_call_rest_init+0x18/0x20
[ 952.801972][ C0] start_kernel+0x66a/0x698
[ 952.802267][ C0]
[ 952.802267][ C0] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 952.802627][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.802927][ C0] lock_acquire+0x54/0x6a
[ 952.803179][ C0] _raw_spin_lock_irqsave+0x3e/0x62
[ 952.803408][ C0] try_to_wake_up+0xa4/0x748
[ 952.803679][ C0] default_wake_function+0x28/0x36
[ 952.803948][ C0] woken_wake_function+0x38/0x48
[ 952.804204][ C0] __wake_up_common+0xb6/0x236
[ 952.804426][ C0] __wake_up_common_lock+0xd6/0x136
[ 952.804655][ C0] __wake_up+0x10/0x18
[ 952.804862][ C0] tty_wakeup+0x58/0xbe
[ 952.805127][ C0] tty_port_default_wakeup+0x2c/0x44
[ 952.805364][ C0] tty_port_tty_wakeup+0x3a/0x46
[ 952.805606][ C0] uart_write_wakeup+0x34/0x48
[ 952.805847][ C0] serial8250_tx_chars+0x322/0x592
[ 952.806111][ C0] serial8250_handle_irq.part.0+0x284/0x286
[ 952.806381][ C0] serial8250_default_handle_irq+0xac/0x142
[ 952.806692][ C0] serial8250_interrupt+0xbe/0x1a6
[ 952.806926][ C0] __handle_irq_event_percpu+0x16e/0x6ec
[ 952.807163][ C0] handle_irq_event+0x6a/0xfa
[ 952.807373][ C0] handle_fasteoi_irq+0x1c0/0x4d6
[ 952.807674][ C0] generic_handle_domain_irq+0x7c/0x9c
[ 952.807937][ C0] plic_handle_irq+0x122/0x242
[ 952.808246][ C0] generic_handle_domain_irq+0x7c/0x9c
[ 952.808478][ C0] riscv_intc_irq+0x7e/0xc8
[ 952.808732][ C0] generic_handle_arch_irq+0x36/0x54
[ 952.809007][ C0] ret_from_exception+0x0/0x10
[ 952.809226][ C0] _raw_spin_unlock_irq+0x2a/0x76
[ 952.809467][ C0]
[ 952.809467][ C0] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[ 952.809852][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.810156][ C0] lock_acquire+0x54/0x6a
[ 952.810383][ C0] _raw_spin_lock_irqsave+0x3e/0x62
[ 952.810606][ C0] __wake_up_common_lock+0xc4/0x136
[ 952.810899][ C0] __wake_up+0x10/0x18
[ 952.811150][ C0] tty_wakeup+0x58/0xbe
[ 952.811399][ C0] tty_port_default_wakeup+0x2c/0x44
[ 952.811659][ C0] tty_port_tty_wakeup+0x3a/0x46
[ 952.812202][ C0] uart_write_wakeup+0x34/0x48
[ 952.812679][ C0] serial8250_tx_chars+0x322/0x592
[ 952.813135][ C0] serial8250_handle_irq.part.0+0x284/0x286
[ 952.813570][ C0] serial8250_default_handle_irq+0xac/0x142
[ 952.814012][ C0] serial8250_interrupt+0xbe/0x1a6
[ 952.814368][ C0] __handle_irq_event_percpu+0x16e/0x6ec
[ 952.814743][ C0] handle_irq_event+0x6a/0xfa
[ 952.815094][ C0] handle_fasteoi_irq+0x1c0/0x4d6
[ 952.815470][ C0] generic_handle_domain_irq+0x7c/0x9c
[ 952.815832][ C0] plic_handle_irq+0x122/0x242
[ 952.816259][ C0] generic_handle_domain_irq+0x7c/0x9c
[ 952.816620][ C0] riscv_intc_irq+0x7e/0xc8
[ 952.817020][ C0] generic_handle_arch_irq+0x36/0x54
[ 952.817394][ C0] ret_from_exception+0x0/0x10
[ 952.817725][ C0] _raw_spin_unlock_irqrestore+0x68/0x98
[ 952.818128][ C0]
[ 952.818128][ C0] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 952.818748][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.819155][ C0] lock_acquire+0x54/0x6a
[ 952.819514][ C0] _raw_spin_lock_irqsave+0x3e/0x62
[ 952.819874][ C0] serial8250_console_write+0x848/0x8e6
[ 952.820321][ C0] univ8250_console_write+0x46/0x54
[ 952.820697][ C0] console_unlock+0x666/0x97a
[ 952.821124][ C0] register_console+0x250/0x534
[ 952.821549][ C0] uart_add_one_port+0xbf2/0xc14
[ 952.821923][ C0] serial8250_register_8250_port+0x8ce/0xc6e
[ 952.822318][ C0] of_platform_serial_probe+0x7ae/0xa9c
[ 952.822686][ C0] platform_probe+0xc8/0x172
[ 952.823066][ C0] really_probe+0x1a6/0x89e
[ 952.823368][ C0] __driver_probe_device+0x24a/0x2d4
[ 952.823682][ C0] driver_probe_device+0x60/0x1a4
[ 952.824009][ C0] __driver_attach+0x178/0x33e
[ 952.824333][ C0] bus_for_each_dev+0x122/0x194
[ 952.824733][ C0] driver_attach+0x32/0x3c
[ 952.825055][ C0] bus_add_driver+0x2c6/0x41a
[ 952.825372][ C0] driver_register+0x144/0x286
[ 952.825724][ C0] __platform_driver_register+0x46/0x52
[ 952.826158][ C0] of_platform_serial_driver_init+0x22/0x2a
[ 952.826639][ C0] do_one_initcall+0x13a/0x7ea
[ 952.826992][ C0] kernel_init_freeable+0x510/0x5b4
[ 952.827394][ C0] kernel_init+0x28/0x21c
[ 952.827798][ C0] ret_from_exception+0x0/0x10
[ 952.828162][ C0]
[ 952.828162][ C0] -> #0 (console_owner){-.-.}-{0:0}:
[ 952.828759][ C0] check_noncircular+0x1de/0x1fe
[ 952.829166][ C0] __lock_acquire+0x19a4/0x333e
[ 952.829552][ C0] lock_acquire.part.0+0x1d0/0x424
[ 952.829979][ C0] lock_acquire+0x54/0x6a
[ 952.830327][ C0] console_unlock+0x304/0x97a
[ 952.830765][ C0] vprintk_emit+0xd2/0x416
[ 952.831196][ C0] vprintk_default+0x22/0x2e
[ 952.831619][ C0] vprintk+0x108/0x13e
[ 952.831927][ C0] _printk+0xa0/0xc8
[ 952.832336][ C0]
[ 952.832336][ C0] other info that might help us debug this:
[ 952.832336][ C0]
[ 952.832721][ C0] Chain exists of:
[ 952.832721][ C0] console_owner --> hrtimer_bases.lock --> report_lock
[ 952.832721][ C0]
[ 952.833587][ C0] Possible unsafe locking scenario:
[ 952.833587][ C0]
[ 952.833687][ C0]        CPU0                    CPU1
[ 952.833814][ C0]        ----                    ----
[ 952.833903][ C0]   lock(report_lock);
[ 952.834153][ C0]                                lock(hrtimer_bases.lock);
[ 952.834434][ C0]                                lock(report_lock);
[ 952.834696][ C0]   lock(console_owner);
[ 952.834934][ C0]
[ 952.834934][ C0] *** DEADLOCK ***
[ 952.834934][ C0]
[ 952.835076][ C0] 13 locks held by syz-executor.1/2044:
[ 952.835363][ C0] #0: ffffffff855cf108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0
[ 952.836457][ C0] #1: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: netif_receive_skb_list_internal+0x244/0x816
[ 952.837499][ C0] #2: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: ip_local_deliver_finish+0x7e/0x278
[ 952.838517][ C0] #3: ffffaf800caa98b0 (slock-AF_INET/1){+.-.}-{2:2}, at: tcp_v4_rcv+0x1bd4/0x1f46
[ 952.839541][ C0] #4: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: __ip_queue_xmit+0x0/0xeb2
[ 952.840488][ C0] #5: ffffffff84b73e60 (rcu_read_lock_bh){....}-{1:2}, at: ip_finish_output2+0x1b8/0x1720
[ 952.841505][ C0] #6: ffffffff84b73e60 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x140/0x248c
[ 952.842548][ C0] #7: ffffaf800e92a258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x11ba/0x248c
[ 952.843601][ C0] #8: ffffaf800a23e4d8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x300/0x464
[ 952.844787][ C0] #9: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: dev_queue_xmit_nit+0x0/0x73a
[ 952.845805][ C0] #10: ffffaf805a9cb418 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x262/0xa16
[ 952.846797][ C0] #11: ffffffff84c3a588 (report_lock){-.-.}-{2:2}, at: kasan_report+0x84/0x1e0
[ 952.847706][ C0] #12: ffffffff84a88600 (console_lock){+.+.}-{0:0}, at: vprintk_default+0x22/0x2e
[ 952.848744][ C0]
[ 952.848744][ C0] stack backtrace:
[ 952.849192][ C0] CPU: 0 PID: 2044 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 952.849612][ C0] Hardware name: riscv-virtio,qemu (DT)
[ 952.850039][ C0] Call Trace:
[ 952.850315][ C0] [] dump_backtrace+0x2e/0x3c
[ 952.850778][ C0] [] show_stack+0x34/0x40
[ 952.851173][ C0] [] dump_stack_lvl+0xe4/0x150
[ 952.851668][ C0] [] dump_stack+0x1c/0x24
[ 952.852114][ C0] [] print_circular_bug+0x34e/0x3d8
[ 952.852536][ C0] [] check_noncircular+0x1de/0x1fe
[ 952.852948][ C0] [] __lock_acquire+0x19a4/0x333e
[ 952.853367][ C0] [] lock_acquire.part.0+0x1d0/0x424
[ 952.853835][ C0] [] lock_acquire+0x54/0x6a
[ 952.854243][ C0] [] console_unlock+0x304/0x97a
[ 952.854706][ C0] [] vprintk_emit+0xd2/0x416
[ 952.855181][ C0] [] vprintk_default+0x22/0x2e
[ 952.855662][ C0] [] vprintk+0x108/0x13e
[ 952.856011][ C0] [] _printk+0xa0/0xc8
[ 952.994181][ C0] BUG: KASAN: user-memory-access in rb_erase+0xca/0x68a
[ 952.995452][ C0] Read of size 8 at addr 0000000041b58ab3 by task syz-executor.1/2044
[ 952.996566][ C0]
[ 952.997104][ C0] CPU: 0 PID: 2044 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 952.998510][ C0] Hardware name: riscv-virtio,qemu (DT)
[ 952.999322][ C0] Call Trace:
[ 953.000044][ C0] ==================================================================
[ 953.002480][ C0] Unable to handle kernel paging request at virtual address 0000000041b58ab3
[ 953.004683][ C0] Oops [#1]
[ 953.005491][ C0] Modules linked in:
[ 953.006555][ C0] CPU: 0 PID: 2044 Comm: syz-executor.1 Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 953.007946][ C0] Hardware name: riscv-virtio,qemu (DT)
[ 953.008774][ C0] epc : rb_erase+0xca/0x68a
[ 953.009743][ C0] ra : rb_erase+0xca/0x68a
[ 953.011104][ C0] epc : ffffffff80c259b4 ra : ffffffff80c259b4 sp : ffffaf800e50c140
[ 953.012331][ C0] gp : ffffffff85863ac0 tp : ffffaf800e503080 t0 : ffffffff86bcb657
[ 953.013537][ C0] t1 : fffffffef0b0dfa4 t2 : 0000000000000000 s0 : ffffaf800e50c1a0
[ 953.014692][ C0] s1 : ffffaf805a9cbd18 a0 : 0000000000000001 a1 : 0000000000000003
[ 953.015830][ C0] a2 : 1ffff5f001ca0611 a3 : ffffffff831afd3a a4 : 0000000000000000
[ 953.016897][ C0] a5 : ffffaf800e504080 a6 : 0000000000f00000 a7 : ffffffff8586fd23
[ 953.018043][ C0] s2 : ffffaf805a9cbd18 s3 : ffffaf805a9cbd28 s4 : ffffaf800e50bab0
[ 953.019164][ C0] s5 : ffffaf805a9cbd18 s6 : ffffaf805a9cb4d0 s7 : 0000000041b58ab3
[ 953.020283][ C0] s8 : 0000000000000000 s9 : ffffaf805a9cbd18 s10: ffffaf805a9cb400
[ 953.022002][ C0] s11: 0000000000010504 t3 : 000000000000003d t4 : fffffffef0b0dfa4
[ 953.023136][ C0] t5 : fffffffef0b0dfa5 t6 : ffffaf800e50bb98
[ 953.024099][ C0] status: 0000000000000100 badaddr: 0000000041b58ab3 cause: 000000000000000d
[ 953.025362][ C0] [] timerqueue_del+0x86/0xc0
[ 953.026543][ C0] [] __hrtimer_run_queues+0x3ec/0xa16
[ 953.027682][ C0] [] hrtimer_interrupt+0x1d4/0x3ea
[ 953.028805][ C0] [] riscv_timer_interrupt+0x5c/0x6a
[ 953.029966][ C0] [] handle_percpu_devid_irq+0x17e/0x2ae
[ 953.031633][ C0] [] generic_handle_domain_irq+0x7c/0x9c
[ 953.032820][ C0] [] riscv_intc_irq+0x7e/0xc8
[ 953.034001][ C0] [] generic_handle_arch_irq+0x36/0x54
[ 953.035298][ C0] [] ret_from_exception+0x0/0x10
[ 953.036415][ C0] [] ___slab_alloc+0x79a/0x918
[ 953.038143][ C0] ---[ end trace 0000000000000000 ]---
[ 953.039406][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 953.040672][ C0] SMP: stopping secondary CPUs
[ 953.042537][ C0] Rebooting in 86400 seconds..