[ 61.314995][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.339537][ T61] device veth1_macvtap left promiscuous mode [ 61.346013][ T61] device veth0_macvtap left promiscuous mode [ 61.352792][ T61] device veth1_vlan left promiscuous mode [ 61.360532][ T61] device veth0_vlan left promiscuous mode [ 61.624536][ T61] team0 (unregistering): Port device team_slave_1 removed [ 61.636664][ T61] team0 (unregistering): Port device team_slave_0 removed [ 61.649477][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.663486][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.714048][ T61] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.0.253' (ECDSA) to the list of known hosts. 2022/09/20 22:13:21 ignoring optional flag "sandboxArg"="0" [ 76.720122][ T26] cfg80211: failed to load regulatory.db 2022/09/20 22:13:21 parsed 1 programs 2022/09/20 22:13:21 executed programs: 0 [ 77.086192][ T4050] cgroup: Unknown subsys name 'net' [ 77.099285][ T4050] cgroup: Unknown subsys name 'rlimit' [ 80.316686][ T3608] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 82.405877][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.413960][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.422450][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.430942][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.438972][ T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 82.446327][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.525910][ T4058] chnl_net:caif_netlink_parms(): no params data found [ 82.569384][ T4058] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.578076][ T4058] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.586055][ T4058] device bridge_slave_0 entered promiscuous mode [ 82.595709][ T4058] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.603304][ T4058] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.612262][ T4058] device bridge_slave_1 entered promiscuous mode [ 82.632754][ T4058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.644113][ T4058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.669143][ T4058] team0: Port device team_slave_0 added [ 82.677732][ T4058] team0: Port device team_slave_1 added [ 82.695944][ T4058] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.703227][ T4058] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.730395][ T4058] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.742474][ T4058] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.749731][ T4058] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.776349][ T4058] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.803237][ T4058] device hsr_slave_0 entered promiscuous mode [ 82.810467][ T4058] device hsr_slave_1 entered promiscuous mode [ 82.870751][ T4058] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.878143][ T4058] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.885541][ T4058] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.892658][ T4058] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.932616][ T4058] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.945832][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.954290][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.962228][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.970511][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 82.983562][ T4058] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.995065][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.004225][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.011450][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.038354][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.047477][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.054857][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.063909][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 83.072603][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 83.082564][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.090899][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.099929][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 83.109457][ T4058] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 83.128033][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 83.135582][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 83.148465][ T4058] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.355736][ T4058] device veth0_vlan entered promiscuous mode [ 83.363817][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 83.373299][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 83.382538][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 83.390798][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 83.404169][ T4058] device veth1_vlan entered promiscuous mode [ 83.424138][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 83.432529][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 83.441977][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 83.453739][ T4058] device veth0_macvtap entered promiscuous mode [ 83.463655][ T4058] device veth1_macvtap entered promiscuous mode [ 83.481121][ T4058] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.488716][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.499032][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 83.510693][ T4058] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.519442][ T3617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.488164][ T3617] Bluetooth: hci0: command 0x0409 tx timeout [ 86.585606][ T142] Bluetooth: hci0: command 0x041b tx timeout [ 89.126632][ T6] Bluetooth: hci0: command 0x040f tx timeout 2022/09/20 22:13:34 executed programs: 1 [ 91.209473][ T6] Bluetooth: hci0: command 0x0419 tx timeout 2022/09/20 22:13:59 executed programs: 3 [ 137.447330][ T1238] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.453991][ T1238] ieee802154 phy1 wpan1: encryption failed: -22 [ 274.706399][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 274.713149][ C1] rcu: 1-...!: (9247 ticks this GP) idle=cc5c/1/0x4000000000000000 softirq=8692/8692 fqs=2 [ 274.726075][ C1] (t=10500 jiffies g=8749 q=60035 ncpus=2) [ 274.732002][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10499 jiffies! g8749 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 274.744263][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=2715 [ 274.752081][ C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g8749 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 274.763388][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 274.773379][ C1] rcu: RCU grace-period kthread stack dump: [ 274.779288][ C1] task:rcu_preempt state:I stack:28728 pid: 16 ppid: 2 flags:0x00004000 [ 274.788534][ C1] Call Trace: [ 274.791826][ C1] [ 274.794773][ C1] __schedule+0xadf/0x52b0 [ 274.799227][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 274.804447][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 274.810284][ C1] ? __mod_timer+0x83c/0xe30 [ 274.814914][ C1] ? io_schedule_timeout+0x140/0x140 [ 274.820243][ C1] ? debug_object_free+0x350/0x350 [ 274.825390][ C1] schedule+0xda/0x1b0 [ 274.829488][ C1] schedule_timeout+0x14a/0x2a0 [ 274.834369][ C1] ? usleep_range_state+0x1b0/0x1b0 [ 274.839605][ C1] ? destroy_timer_on_stack+0x20/0x20 [ 274.845015][ C1] ? p9_client_create+0x3d0/0x1070 [ 274.850183][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 274.856021][ C1] ? prepare_to_swait_event+0xee/0x480 [ 274.861516][ C1] rcu_gp_fqs_loop+0x190/0x910 [ 274.866314][ C1] ? force_qs_rnp+0x820/0x820 [ 274.871018][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 274.876858][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 274.882704][ C1] rcu_gp_kthread+0x236/0x360 [ 274.887418][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 274.893253][ C1] ? rcu_gp_init+0x1450/0x1450 [ 274.898154][ C1] ? __kthread_parkme+0x15f/0x220 [ 274.903212][ C1] ? rcu_gp_init+0x1450/0x1450 [ 274.908093][ C1] kthread+0x2e4/0x3a0 [ 274.912191][ C1] ? kthread_complete_and_exit+0x40/0x40 [ 274.918207][ C1] ret_from_fork+0x1f/0x30 [ 274.922752][ C1] [ 274.925809][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 274.932368][ C1] Sending NMI from CPU 1 to CPUs 0: [ 274.937683][ C0] NMI backtrace for cpu 0 [ 274.937694][ C0] CPU: 0 PID: 5869 Comm: syz-executor.0 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0 [ 274.937716][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 274.937727][ C0] RIP: 0010:mark_lock.part.0+0x136/0x1910 [ 274.937754][ C0] Code: 78 50 48 ba 00 00 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 80 3c 11 00 0f 85 65 13 00 00 48 89 ee 48 23 70 50 0f 84 d3 06 00 00 <41> ba 01 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 [ 274.937772][ C0] RSP: 0018:ffffc900033de558 EFLAGS: 00000006 [ 274.937787][ C0] RAX: ffffffff908ed6e0 RBX: 1ffff9200067bcb2 RCX: 1ffffffff211dae6 [ 274.937801][ C0] RDX: dffffc0000000000 RSI: 0000000000000100 RDI: ffffffff908ed730 [ 274.937813][ C0] RBP: 0000000000000100 R08: 0000000000000000 R09: ffffffff908e5957 [ 274.937825][ C0] R10: fffffbfff211cb2a R11: 0000000000000000 R12: ffff88801c8228c0 [ 274.937838][ C0] R13: 0000000000000008 R14: 00000000000000a2 R15: ffff88801c8228e0 [ 274.937850][ C0] FS: 00007f9b5b7be700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000 [ 274.937867][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 274.937880][ C0] CR2: 00007f9b5a69dbc0 CR3: 000000006a350000 CR4: 00000000003506f0 [ 274.937892][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 274.937903][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 274.937915][ C0] Call Trace: [ 274.937922][ C0] [ 274.937931][ C0] ? lock_chain_count+0x20/0x20 [ 274.937954][ C0] ? mark_lock.part.0+0xee/0x1910 [ 274.937974][ C0] ? mark_lock.part.0+0xee/0x1910 [ 274.937993][ C0] ? mark_lock.part.0+0xee/0x1910 [ 274.938014][ C0] __lock_acquire+0x8ab/0x56d0 [ 274.938038][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 274.938058][ C0] ? __lock_acquire+0x166e/0x56d0 [ 274.938081][ C0] lock_acquire+0x1ab/0x570 [ 274.938099][ C0] ? psi_task_switch+0x3e7/0x4e0 [ 274.938122][ C0] ? lock_release+0x780/0x780 [ 274.938147][ C0] psi_group_change+0x137/0xc70 [ 274.938167][ C0] ? psi_task_switch+0x3e7/0x4e0 [ 274.938188][ C0] ? cpuacct_all_seq_show+0x520/0x520 [ 274.938211][ C0] psi_task_switch+0x3e7/0x4e0 [ 274.938234][ C0] ? psi_task_change+0x2c0/0x2c0 [ 274.938255][ C0] ? pick_next_task_fair+0x72a/0x12e0 [ 274.938277][ C0] __schedule+0x3589/0x52b0 [ 274.938301][ C0] ? lockdep_hardirqs_on+0x79/0x100 [ 274.938323][ C0] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 274.938343][ C0] ? __mod_timer+0x83c/0xe30 [ 274.938366][ C0] ? io_schedule_timeout+0x140/0x140 [ 274.938389][ C0] ? debug_object_free+0x350/0x350 [ 274.938415][ C0] schedule+0xda/0x1b0 [ 274.938435][ C0] schedule_timeout+0x14a/0x2a0 [ 274.938458][ C0] ? usleep_range_state+0x1b0/0x1b0 [ 274.938481][ C0] ? destroy_timer_on_stack+0x20/0x20 [ 274.938503][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 274.938522][ C0] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 274.938542][ C0] ? lockdep_hardirqs_on+0x79/0x100 [ 274.938565][ C0] reclaim_throttle+0x753/0xa40 [ 274.938589][ C0] ? lock_chain_count+0x20/0x20 [ 274.938612][ C0] ? drop_slab+0x280/0x280 [ 274.938632][ C0] ? prepare_to_wait_exclusive+0x2b0/0x2b0 [ 274.938657][ C0] shrink_lruvec+0xa83/0x2650 [ 274.938685][ C0] ? reclaim_throttle+0xa40/0xa40 [ 274.938705][ C0] ? mark_lock.part.0+0xee/0x1910 [ 274.938724][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 274.938748][ C0] ? find_held_lock+0x2d/0x110 [ 274.938767][ C0] ? rcu_read_unlock+0x9/0x60 [ 274.938801][ C0] shrink_node+0x85e/0x1e80 [ 274.938828][ C0] ? __cpuset_node_allowed+0x3d/0x5c0 [ 274.938851][ C0] do_try_to_free_pages+0x3b4/0x17a0 [ 274.938880][ C0] ? shrink_node+0x1e80/0x1e80 [ 274.938903][ C0] try_to_free_pages+0x2a7/0x840 [ 274.938924][ C0] ? reclaim_pages+0x670/0x670 [ 274.938953][ C0] __alloc_pages_slowpath.constprop.0+0x8f8/0x2240 [ 274.938986][ C0] ? warn_alloc+0x190/0x190 [ 274.939010][ C0] ? __zone_watermark_ok+0x450/0x450 [ 274.939032][ C0] ? prepare_alloc_pages+0x417/0x570 [ 274.939054][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 274.939076][ C0] __alloc_pages+0x43d/0x510 [ 274.939098][ C0] ? __alloc_pages_slowpath.constprop.0+0x2240/0x2240 [ 274.939127][ C0] ? __slab_alloc.constprop.0+0x4d/0xa0 [ 274.939150][ C0] alloc_pages+0x1a6/0x270 [ 274.939171][ C0] allocate_slab+0x27e/0x3d0 [ 274.939191][ C0] ___slab_alloc+0x7f1/0xe10 [ 274.939210][ C0] ? anon_vma_clone+0x35a/0x600 [ 274.939233][ C0] ? anon_vma_clone+0x35a/0x600 [ 274.939251][ C0] __slab_alloc.constprop.0+0x4d/0xa0 [ 274.939272][ C0] ? anon_vma_clone+0x35a/0x600 [ 274.939290][ C0] kmem_cache_alloc+0x38c/0x3b0 [ 274.939312][ C0] anon_vma_clone+0x35a/0x600 [ 274.939333][ C0] anon_vma_fork+0x82/0x640 [ 274.939352][ C0] ? __vm_enough_memory+0x184/0x360 [ 274.939372][ C0] dup_mm+0xa52/0x13a0 [ 274.939397][ C0] ? replace_mm_exe_file+0x480/0x480 [ 274.939419][ C0] ? __raw_spin_lock_init+0x36/0x110 [ 274.939442][ C0] copy_process+0x3ca6/0x7090 [ 274.939463][ C0] ? find_held_lock+0x2d/0x110 [ 274.939486][ C0] ? __cleanup_sighand+0xb0/0xb0 [ 274.939510][ C0] ? _copy_from_user+0xf9/0x170 [ 274.939536][ C0] kernel_clone+0xe7/0xab0 [ 274.939558][ C0] ? create_io_thread+0xe0/0xe0 [ 274.939581][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 274.939610][ C0] __do_sys_clone3+0x1cd/0x2e0 [ 274.939631][ C0] ? __do_sys_clone+0x100/0x100 [ 274.939655][ C0] ? up_write+0x470/0x470 [ 274.939681][ C0] ? syscall_enter_from_user_mode+0x22/0xb0 [ 274.939705][ C0] ? syscall_enter_from_user_mode+0x22/0xb0 [ 274.939729][ C0] ? lockdep_hardirqs_on+0x79/0x100 [ 274.939752][ C0] do_syscall_64+0x35/0xb0 [ 274.939772][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 274.939793][ C0] RIP: 0033:0x7f9b5a688e99 [ 274.939818][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 274.939835][ C0] RSP: 002b:00007f9b5b7be168 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 274.939853][ C0] RAX: ffffffffffffffda RBX: 00007f9b5a79bf60 RCX: 00007f9b5a688e99 [ 274.939866][ C0] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000080 [ 274.939877][ C0] RBP: 00007f9b5a6e2ff1 R08: 0000000000000000 R09: 0000000000000000 [ 274.939889][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.939900][ C0] R13: 00007ffd5c3a5eef R14: 00007f9b5b7be300 R15: 0000000000022000 [ 274.939919][ C0] [ 274.940705][ C1] NMI backtrace for cpu 1 [ 275.580522][ C1] CPU: 1 PID: 19932 Comm: syz-executor.0 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0 [ 275.591003][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 275.601097][ C1] Call Trace: [ 275.604400][ C1] [ 275.607258][ C1] dump_stack_lvl+0xcd/0x134 [ 275.611880][ C1] nmi_cpu_backtrace.cold+0x46/0x14f [ 275.617201][ C1] ? lapic_can_unplug_cpu+0x80/0x80 [ 275.622436][ C1] nmi_trigger_cpumask_backtrace+0x206/0x250 [ 275.628462][ C1] rcu_dump_cpu_stacks+0x2c7/0x4d0 [ 275.633613][ C1] rcu_sched_clock_irq.cold+0x9f/0x79c [ 275.639110][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 275.644342][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 275.650175][ C1] ? rcu_momentary_dyntick_idle+0x80/0x80 [ 275.655948][ C1] ? tick_sched_do_timer+0x470/0x470 [ 275.661252][ C1] update_process_times+0x11a/0x1a0 [ 275.666480][ C1] tick_sched_handle+0x9b/0x180 [ 275.671361][ C1] tick_sched_timer+0xee/0x120 [ 275.676157][ C1] __hrtimer_run_queues+0x1c0/0xe40 [ 275.681398][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80 [ 275.687406][ C1] ? ktime_get_update_offsets_now+0x3eb/0x5c0 [ 275.693512][ C1] hrtimer_interrupt+0x31c/0x790 [ 275.698500][ C1] __sysvec_apic_timer_interrupt+0x146/0x530 [ 275.704513][ C1] sysvec_apic_timer_interrupt+0x8e/0xc0 [ 275.710337][ C1] [ 275.713286][ C1] [ 275.716408][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 275.722417][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x38/0x70 [ 275.728856][ C1] Code: 74 24 10 e8 4a 2e dc f7 48 89 ef e8 d2 af dc f7 81 e3 00 02 00 00 75 25 9c 58 f6 c4 02 75 2d 48 85 db 74 01 fb bf 01 00 00 00 83 71 cf f7 65 8b 05 6c 27 7f 76 85 c0 74 0a 5b 5d c3 e8 40 38 [ 275.748498][ C1] RSP: 0018:ffffc90043b4eac8 EFLAGS: 00000206 [ 275.754601][ C1] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 1ffffffff211db76 [ 275.762602][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 275.770603][ C1] RBP: ffff8880b9b283c0 R08: 0000000000000001 R09: ffffffff908e5957 [ 275.778612][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000ffffd140 [ 275.786615][ C1] R13: ffff8880b9b283c0 R14: 0000000000000000 R15: 00000000ffffffff [ 275.794634][ C1] __mod_timer+0x837/0xe30 [ 275.799096][ C1] ? enqueue_timer+0x5b0/0x5b0 [ 275.803877][ C1] ? lock_chain_count+0x20/0x20 [ 275.808758][ C1] ? debug_object_free+0x350/0x350 [ 275.813903][ C1] ? lockdep_init_map_type+0x21a/0x7f0 [ 275.819485][ C1] schedule_timeout+0x145/0x2a0 [ 275.824382][ C1] ? usleep_range_state+0x1b0/0x1b0 [ 275.829755][ C1] ? destroy_timer_on_stack+0x20/0x20 [ 275.835162][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 275.841002][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 275.846839][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 275.852076][ C1] reclaim_throttle+0x753/0xa40 [ 275.856976][ C1] ? lock_chain_count+0x20/0x20 [ 275.861863][ C1] ? drop_slab+0x280/0x280 [ 275.866314][ C1] ? prepare_to_wait_exclusive+0x2b0/0x2b0 [ 275.872168][ C1] shrink_lruvec+0xa83/0x2650 [ 275.876942][ C1] ? reclaim_throttle+0xa40/0xa40 [ 275.881995][ C1] ? mark_lock.part.0+0xee/0x1910 [ 275.887043][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 275.893077][ C1] ? find_held_lock+0x2d/0x110 [ 275.897872][ C1] ? rcu_read_unlock+0x9/0x60 [ 275.902606][ C1] shrink_node+0x85e/0x1e80 [ 275.907594][ C1] ? __cpuset_node_allowed+0x3d/0x5c0 [ 275.913096][ C1] do_try_to_free_pages+0x3b4/0x17a0 [ 275.918534][ C1] ? shrink_node+0x1e80/0x1e80 [ 275.923431][ C1] try_to_free_pages+0x2a7/0x840 [ 275.928550][ C1] ? reclaim_pages+0x670/0x670 [ 275.933374][ C1] __alloc_pages_slowpath.constprop.0+0x8f8/0x2240 [ 275.939958][ C1] ? warn_alloc+0x190/0x190 [ 275.944514][ C1] ? __zone_watermark_ok+0x450/0x450 [ 275.954625][ C1] ? prepare_alloc_pages+0x417/0x570 [ 275.959947][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 275.965961][ C1] __alloc_pages+0x43d/0x510 [ 275.970581][ C1] ? __alloc_pages_slowpath.constprop.0+0x2240/0x2240 [ 275.977390][ C1] ? __slab_alloc.constprop.0+0x4d/0xa0 [ 275.982974][ C1] alloc_pages+0x1a6/0x270 [ 275.987468][ C1] allocate_slab+0x27e/0x3d0 [ 275.992172][ C1] ___slab_alloc+0x7f1/0xe10 [ 275.996790][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.001683][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.007601][ C1] __slab_alloc.constprop.0+0x4d/0xa0 [ 276.013012][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.017892][ C1] kmem_cache_alloc+0x38c/0x3b0 [ 276.022801][ C1] anon_vma_clone+0x35a/0x600 [ 276.027555][ C1] anon_vma_fork+0x82/0x640 [ 276.032087][ C1] ? __vm_enough_memory+0x184/0x360 [ 276.037322][ C1] dup_mm+0xa52/0x13a0 [ 276.041444][ C1] ? replace_mm_exe_file+0x480/0x480 [ 276.046765][ C1] ? __raw_spin_lock_init+0x36/0x110 [ 276.052101][ C1] copy_process+0x3ca6/0x7090 [ 276.056828][ C1] ? find_held_lock+0x2d/0x110 [ 276.061638][ C1] ? __cleanup_sighand+0xb0/0xb0 [ 276.066614][ C1] ? _copy_from_user+0xf9/0x170 [ 276.071502][ C1] kernel_clone+0xe7/0xab0 [ 276.075952][ C1] ? create_io_thread+0xe0/0xe0 [ 276.080841][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 276.086860][ C1] __do_sys_clone3+0x1cd/0x2e0 [ 276.091968][ C1] ? __do_sys_clone+0x100/0x100 [ 276.097032][ C1] ? up_write+0x470/0x470 [ 276.101506][ C1] ? syscall_enter_from_user_mode+0x22/0xb0 [ 276.107437][ C1] ? syscall_enter_from_user_mode+0x22/0xb0 [ 276.113386][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 276.118627][ C1] do_syscall_64+0x35/0xb0 [ 276.123166][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 276.129094][ C1] RIP: 0033:0x7f9b5a688e99 [ 276.133566][ C1] [ 276.135976][ C1] ================================ [ 276.141077][ C1] WARNING: inconsistent lock state [ 276.146182][ C1] 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0 Not tainted [ 276.153203][ C1] -------------------------------- [ 276.158306][ C1] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. [ 276.165249][ C1] syz-executor.0/19932 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 276.172024][ C1] ffffffff8c0bf338 (vmap_area_lock){?.+.}-{2:2}, at: find_vmap_area+0x1c/0x130 [ 276.181034][ C1] {HARDIRQ-ON-W} state was registered at: [ 276.186843][ C1] lock_acquire+0x1ab/0x570 [ 276.191544][ C1] _raw_spin_lock+0x2a/0x40 [ 276.196160][ C1] alloc_vmap_area+0xa0b/0x1d50 [ 276.201214][ C1] __get_vm_area_node+0x142/0x3f0 [ 276.206447][ C1] get_vm_area_caller+0x43/0x50 [ 276.211411][ C1] __ioremap_caller.constprop.0+0x292/0x600 [ 276.217415][ C1] acpi_os_map_iomem+0x463/0x550 [ 276.222464][ C1] acpi_tb_acquire_table+0xd8/0x209 [ 276.227764][ C1] acpi_tb_validate_table+0x50/0x8c [ 276.233064][ C1] acpi_tb_verify_temp_table+0x84/0x674 [ 276.238715][ C1] acpi_reallocate_root_table+0x374/0x3e0 [ 276.244632][ C1] acpi_early_init+0x13a/0x438 [ 276.249509][ C1] start_kernel+0x3cf/0x48f [ 276.254156][ C1] secondary_startup_64_no_verify+0xce/0xdb [ 276.260159][ C1] irq event stamp: 1966 [ 276.264320][ C1] hardirqs last enabled at (1965): [] _raw_spin_unlock_irqrestore+0x50/0x70 [ 276.274678][ C1] hardirqs last disabled at (1966): [] sysvec_apic_timer_interrupt+0xb/0xc0 [ 276.284950][ C1] softirqs last enabled at (0): [] copy_process+0x212f/0x7090 [ 276.294085][ C1] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 276.301226][ C1] [ 276.301226][ C1] other info that might help us debug this: [ 276.309293][ C1] Possible unsafe locking scenario: [ 276.309293][ C1] [ 276.316794][ C1] CPU0 [ 276.320082][ C1] ---- [ 276.323359][ C1] lock(vmap_area_lock); [ 276.327709][ C1] [ 276.331352][ C1] lock(vmap_area_lock); [ 276.335915][ C1] [ 276.335915][ C1] *** DEADLOCK *** [ 276.335915][ C1] [ 276.344059][ C1] 5 locks held by syz-executor.0/19932: [ 276.349613][ C1] #0: ffffffff8c06d990 (dup_mmap_sem){.+.+}-{0:0}, at: dup_mm+0x108/0x13a0 [ 276.358345][ C1] #1: ffff8880aa556328 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x129/0x13a0 [ 276.367438][ C1] #2: ffff8881b9c28f28 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x17b/0x13a0 [ 276.376517][ C1] #3: ffffffff8c0c4480 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_slowpath.constprop.0+0x84f/0x2240 [ 276.387510][ C1] #4: ffffffff8bf93958 (rcu_node_0){-.-.}-{2:2}, at: rcu_dump_cpu_stacks+0xc1/0x4d0 [ 276.397043][ C1] [ 276.397043][ C1] stack backtrace: [ 276.403053][ C1] CPU: 1 PID: 19932 Comm: syz-executor.0 Not tainted 6.0.0-rc6-syzkaller-00009-g60891ec99e14 #0 [ 276.413656][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 276.423813][ C1] Call Trace: [ 276.427105][ C1] [ 276.429962][ C1] dump_stack_lvl+0xcd/0x134 [ 276.434575][ C1] mark_lock.part.0.cold+0x18/0xd8 [ 276.440029][ C1] ? lock_chain_count+0x20/0x20 [ 276.444905][ C1] ? desc_read_finalized_seq+0x12a/0x1c0 [ 276.450589][ C1] ? memcpy+0x39/0x60 [ 276.454629][ C1] ? desc_read+0x2d6/0x380 [ 276.459077][ C1] ? _prb_read_valid+0x5f6/0x710 [ 276.464050][ C1] __lock_acquire+0x14a2/0x56d0 [ 276.468951][ C1] ? __up_console_sem+0x47/0xc0 [ 276.473836][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 276.480036][ C1] lock_acquire+0x1ab/0x570 [ 276.484596][ C1] ? find_vmap_area+0x1c/0x130 [ 276.489382][ C1] ? lock_release+0x780/0x780 [ 276.494112][ C1] ? console_emit_next_record.constprop.0+0x840/0x840 [ 276.500986][ C1] ? vprintk+0x80/0x90 [ 276.505168][ C1] ? __wake_up_klogd.part.0+0x99/0xf0 [ 276.510571][ C1] _raw_spin_lock+0x2a/0x40 [ 276.515095][ C1] ? find_vmap_area+0x1c/0x130 [ 276.519878][ C1] find_vmap_area+0x1c/0x130 [ 276.524489][ C1] __check_object_size+0x1f8/0x700 [ 276.529621][ C1] ? record_print_text.cold+0x16/0x16 [ 276.535116][ C1] copy_from_user_nmi+0xcb/0x130 [ 276.540112][ C1] show_opcodes+0x59/0xb0 [ 276.544469][ C1] show_iret_regs+0xd/0x33 [ 276.548938][ C1] __show_regs+0x1e/0x60 [ 276.553208][ C1] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 276.559303][ C1] show_trace_log_lvl+0x25b/0x2ba [ 276.564349][ C1] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 276.570469][ C1] dump_stack_lvl+0xcd/0x134 [ 276.575085][ C1] nmi_cpu_backtrace.cold+0x46/0x14f [ 276.580398][ C1] ? lapic_can_unplug_cpu+0x80/0x80 [ 276.585714][ C1] nmi_trigger_cpumask_backtrace+0x206/0x250 [ 276.591715][ C1] rcu_dump_cpu_stacks+0x2c7/0x4d0 [ 276.596866][ C1] rcu_sched_clock_irq.cold+0x9f/0x79c [ 276.602362][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 276.607617][ C1] ? _raw_spin_unlock_irqrestore+0x3d/0x70 [ 276.613545][ C1] ? rcu_momentary_dyntick_idle+0x80/0x80 [ 276.619307][ C1] ? tick_sched_do_timer+0x470/0x470 [ 276.624618][ C1] update_process_times+0x11a/0x1a0 [ 276.629935][ C1] tick_sched_handle+0x9b/0x180 [ 276.634810][ C1] tick_sched_timer+0xee/0x120 [ 276.639605][ C1] __hrtimer_run_queues+0x1c0/0xe40 [ 276.644828][ C1] ? hrtimer_sleeper_start_expires+0x80/0x80 [ 276.650914][ C1] ? ktime_get_update_offsets_now+0x3eb/0x5c0 [ 276.657179][ C1] hrtimer_interrupt+0x31c/0x790 [ 276.662162][ C1] __sysvec_apic_timer_interrupt+0x146/0x530 [ 276.668163][ C1] sysvec_apic_timer_interrupt+0x8e/0xc0 [ 276.673819][ C1] [ 276.676793][ C1] [ 276.679752][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 276.685757][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x38/0x70 [ 276.692202][ C1] Code: 74 24 10 e8 4a 2e dc f7 48 89 ef e8 d2 af dc f7 81 e3 00 02 00 00 75 25 9c 58 f6 c4 02 75 2d 48 85 db 74 01 fb bf 01 00 00 00 83 71 cf f7 65 8b 05 6c 27 7f 76 85 c0 74 0a 5b 5d c3 e8 40 38 [ 276.712262][ C1] RSP: 0018:ffffc90043b4eac8 EFLAGS: 00000206 [ 276.718440][ C1] RAX: 0000000000000002 RBX: 0000000000000200 RCX: 1ffffffff211db76 [ 276.726437][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 276.734511][ C1] RBP: ffff8880b9b283c0 R08: 0000000000000001 R09: ffffffff908e5957 [ 276.742523][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000ffffd140 [ 276.750546][ C1] R13: ffff8880b9b283c0 R14: 0000000000000000 R15: 00000000ffffffff [ 276.758562][ C1] __mod_timer+0x837/0xe30 [ 276.763092][ C1] ? enqueue_timer+0x5b0/0x5b0 [ 276.767877][ C1] ? lock_chain_count+0x20/0x20 [ 276.772841][ C1] ? debug_object_free+0x350/0x350 [ 276.777978][ C1] ? lockdep_init_map_type+0x21a/0x7f0 [ 276.783472][ C1] schedule_timeout+0x145/0x2a0 [ 276.788379][ C1] ? usleep_range_state+0x1b0/0x1b0 [ 276.793616][ C1] ? destroy_timer_on_stack+0x20/0x20 [ 276.799039][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 276.804876][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 276.810712][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 276.815938][ C1] reclaim_throttle+0x753/0xa40 [ 276.820851][ C1] ? lock_chain_count+0x20/0x20 [ 276.825747][ C1] ? drop_slab+0x280/0x280 [ 276.830186][ C1] ? prepare_to_wait_exclusive+0x2b0/0x2b0 [ 276.836015][ C1] shrink_lruvec+0xa83/0x2650 [ 276.840729][ C1] ? reclaim_throttle+0xa40/0xa40 [ 276.845789][ C1] ? mark_lock.part.0+0xee/0x1910 [ 276.850830][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 276.856835][ C1] ? find_held_lock+0x2d/0x110 [ 276.861650][ C1] ? rcu_read_unlock+0x9/0x60 [ 276.866363][ C1] shrink_node+0x85e/0x1e80 [ 276.870921][ C1] ? __cpuset_node_allowed+0x3d/0x5c0 [ 276.876314][ C1] do_try_to_free_pages+0x3b4/0x17a0 [ 276.881625][ C1] ? shrink_node+0x1e80/0x1e80 [ 276.886437][ C1] try_to_free_pages+0x2a7/0x840 [ 276.891409][ C1] ? reclaim_pages+0x670/0x670 [ 276.896202][ C1] __alloc_pages_slowpath.constprop.0+0x8f8/0x2240 [ 276.902740][ C1] ? warn_alloc+0x190/0x190 [ 276.907449][ C1] ? __zone_watermark_ok+0x450/0x450 [ 276.912767][ C1] ? prepare_alloc_pages+0x417/0x570 [ 276.918079][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 276.924171][ C1] __alloc_pages+0x43d/0x510 [ 276.928872][ C1] ? __alloc_pages_slowpath.constprop.0+0x2240/0x2240 [ 276.935681][ C1] ? __slab_alloc.constprop.0+0x4d/0xa0 [ 276.941778][ C1] alloc_pages+0x1a6/0x270 [ 276.946309][ C1] allocate_slab+0x27e/0x3d0 [ 276.950930][ C1] ___slab_alloc+0x7f1/0xe10 [ 276.955547][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.960424][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.965504][ C1] __slab_alloc.constprop.0+0x4d/0xa0 [ 276.970900][ C1] ? anon_vma_clone+0x35a/0x600 [ 276.975770][ C1] kmem_cache_alloc+0x38c/0x3b0 [ 276.980642][ C1] anon_vma_clone+0x35a/0x600 [ 276.985340][ C1] anon_vma_fork+0x82/0x640 [ 276.989898][ C1] ? __vm_enough_memory+0x184/0x360 [ 276.995113][ C1] dup_mm+0xa52/0x13a0 [ 276.999208][ C1] ? replace_mm_exe_file+0x480/0x480 [ 277.004536][ C1] ? __raw_spin_lock_init+0x36/0x110 [ 277.009961][ C1] copy_process+0x3ca6/0x7090 [ 277.014668][ C1] ? find_held_lock+0x2d/0x110 [ 277.019464][ C1] ? __cleanup_sighand+0xb0/0xb0 [ 277.024427][ C1] ? _copy_from_user+0xf9/0x170 [ 277.029575][ C1] kernel_clone+0xe7/0xab0 [ 277.034020][ C1] ? create_io_thread+0xe0/0xe0 [ 277.038898][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 277.044910][ C1] __do_sys_clone3+0x1cd/0x2e0 [ 277.049700][ C1] ? __do_sys_clone+0x100/0x100 [ 277.054588][ C1] ? up_write+0x470/0x470 [ 277.058958][ C1] ? syscall_enter_from_user_mode+0x22/0xb0 [ 277.064970][ C1] ? syscall_enter_from_user_mode+0x22/0xb0 [ 277.070890][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 277.076122][ C1] do_syscall_64+0x35/0xb0 [ 277.080599][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 277.086512][ C1] RIP: 0033:0x7f9b5a688e99 [ 277.091035][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 277.111456][ C1] RSP: 002b:00007f9b5b7be168 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 277.119889][ C1] RAX: ffffffffffffffda RBX: 00007f9b5a79bf60 RCX: 00007f9b5a688e99 [ 277.127974][ C1] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000080 [ 277.136004][ C1] RBP: 00007f9b5a6e2ff1 R08: 0000000000000000 R09: 0000000000000000 [ 277.143997][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.152014][ C1] R13: 00007ffd5c3a5eef R14: 00007f9b5b7be300 R15: 0000000000022000 [ 277.160015][ C1] [ 277.163063][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 277.182801][ C1] RSP: 002b:00007f9b5b7be168 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 277.191319][ C1] RAX: ffffffffffffffda RBX: 00007f9b5a79bf60 RCX: 00007f9b5a688e99 [ 277.199393][ C1] RDX: 0000000000000000 RSI: 0000000000000058 RDI: 0000000020000080 [ 277.207644][ C1] RBP: 00007f9b5a6e2ff1 R08: 0000000000000000 R09: 0000000000000000 [ 277.215638][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.223660][ C1] R13: 00007ffd5c3a5eef R14: 00007f9b5b7be300 R15: 0000000000022000 [ 277.232548][ C1]