Warning: Permanently added '[localhost]:42910' (ECDSA) to the list of known hosts. 2020/11/02 07:24:42 fuzzer started 2020/11/02 07:24:43 dialing manager at 10.0.2.10:43833 2020/11/02 07:24:43 syscalls: 3439 2020/11/02 07:24:43 code coverage: enabled 2020/11/02 07:24:43 comparison tracing: enabled 2020/11/02 07:24:43 extra coverage: enabled 2020/11/02 07:24:43 setuid sandbox: enabled 2020/11/02 07:24:43 namespace sandbox: enabled 2020/11/02 07:24:43 Android sandbox: /sys/fs/selinux/policy does not exist 2020/11/02 07:24:43 fault injection: enabled 2020/11/02 07:24:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/11/02 07:24:43 net packet injection: enabled 2020/11/02 07:24:43 net device setup: enabled 2020/11/02 07:24:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/11/02 07:24:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/11/02 07:24:43 USB emulation: enabled 2020/11/02 07:24:43 hci packet injection: enabled 2020/11/02 07:24:43 wifi device emulation: enabled 07:26:45 executing program 0: r0 = socket(0x2, 0x5, 0x0) bind$bt_rfcomm(r0, &(0x7f0000000000), 0xa) 07:26:45 executing program 1: r0 = socket(0x25, 0x5, 0x0) recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0) 07:26:46 executing program 2: syz_mount_image$bfs(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) futimesat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) 07:26:46 executing program 3: r0 = socket(0x1, 0x5, 0x0) recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) syzkaller login: [ 232.585806][T10087] IPVS: ftp: loaded support on port[0] = 21 [ 232.893593][T10087] chnl_net:caif_netlink_parms(): no params data found [ 232.894251][T10089] IPVS: ftp: loaded support on port[0] = 21 [ 233.052665][T10087] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.083207][T10087] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.112840][T10087] device bridge_slave_0 entered promiscuous mode [ 233.136083][T10087] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.154491][T10087] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.173188][T10087] device bridge_slave_1 entered promiscuous mode [ 233.231789][T10087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 233.281560][T10087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 233.405382][T10091] IPVS: ftp: loaded support on port[0] = 21 [ 233.420457][T10087] team0: Port device team_slave_0 added [ 233.461258][T10087] team0: Port device team_slave_1 added [ 233.538342][T10089] chnl_net:caif_netlink_parms(): no params data found [ 233.555993][T10087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 233.568710][T10087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 233.620638][T10087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 233.646982][T10087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 233.657823][T10087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 233.706846][T10087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 233.780273][T10087] device hsr_slave_0 entered promiscuous mode [ 233.790547][T10087] device hsr_slave_1 entered promiscuous mode [ 233.904246][T10097] IPVS: ftp: loaded support on port[0] = 21 [ 233.996003][T10089] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.011588][T10089] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.034368][T10089] device bridge_slave_0 entered promiscuous mode [ 234.056081][T10089] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.071909][T10089] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.087995][T10089] device bridge_slave_1 entered promiscuous mode [ 234.164465][T10089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 234.233706][T10089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 234.322000][T10089] team0: Port device team_slave_0 added [ 234.381642][T10089] team0: Port device team_slave_1 added [ 234.447006][T10091] chnl_net:caif_netlink_parms(): no params data found [ 234.478417][T10089] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 234.495438][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 234.521847][ T23] Bluetooth: hci0: command 0x0409 tx timeout [ 234.541013][T10089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 234.608430][T10089] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 234.625048][T10089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 234.718304][T10089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 234.794939][T10087] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 234.864169][T10087] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 234.910264][ T23] Bluetooth: hci1: command 0x0409 tx timeout [ 234.964039][T10089] device hsr_slave_0 entered promiscuous mode [ 234.981419][T10089] device hsr_slave_1 entered promiscuous mode [ 235.001350][T10089] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 235.027036][T10089] Cannot create hsr debugfs directory [ 235.042792][T10087] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 235.058262][T10091] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.074219][T10091] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.092242][T10091] device bridge_slave_0 entered promiscuous mode [ 235.127188][T10087] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 235.146083][T10091] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.159983][T10091] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.172367][T10091] device bridge_slave_1 entered promiscuous mode [ 235.204000][T10097] chnl_net:caif_netlink_parms(): no params data found [ 235.244100][T10091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 235.268531][T10091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 235.367070][T10091] team0: Port device team_slave_0 added [ 235.389829][ T23] Bluetooth: hci2: command 0x0409 tx timeout [ 235.405386][T10091] team0: Port device team_slave_1 added [ 235.467724][T10097] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.481435][T10097] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.500395][T10097] device bridge_slave_0 entered promiscuous mode [ 235.513809][T10091] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 235.524064][T10091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 235.562882][T10091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 235.578306][T10091] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 235.587493][T10091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 235.620666][T10091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 235.652458][T10097] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.665827][T10097] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.680547][T10097] device bridge_slave_1 entered promiscuous mode [ 235.735319][T10091] device hsr_slave_0 entered promiscuous mode [ 235.744373][T10091] device hsr_slave_1 entered promiscuous mode [ 235.755283][T10091] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 235.765431][T10091] Cannot create hsr debugfs directory [ 235.816180][T10097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 235.847528][T10097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 235.880020][ T3079] Bluetooth: hci3: command 0x0409 tx timeout [ 235.953435][T10097] team0: Port device team_slave_0 added [ 236.218943][T10097] team0: Port device team_slave_1 added [ 236.271518][T10089] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 236.302777][T10089] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 236.331539][T10089] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 236.357513][T10097] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 236.381332][T10097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 236.535100][T10097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 236.592102][ T3079] Bluetooth: hci0: command 0x041b tx timeout [ 236.597394][T10097] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 236.634061][T10097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 236.735831][T10097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 236.772066][T10089] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 236.845562][T10097] device hsr_slave_0 entered promiscuous mode [ 236.863551][T10097] device hsr_slave_1 entered promiscuous mode [ 236.881094][T10097] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 236.903567][T10097] Cannot create hsr debugfs directory [ 237.000872][ T3079] Bluetooth: hci1: command 0x041b tx timeout [ 237.070757][T10091] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 237.206729][T10091] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 237.238667][T10091] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 237.317298][T10091] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 237.371994][T10087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.486619][ T23] Bluetooth: hci2: command 0x041b tx timeout [ 237.500569][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 237.525599][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.550182][T10087] 8021q: adding VLAN 0 to HW filter on device team0 [ 237.613386][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 237.630060][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 237.646002][ T1720] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.660706][ T1720] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.677988][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 237.700423][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 237.725719][ T1720] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.746424][ T1720] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.782709][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 237.819810][T10097] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 237.857845][T10097] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 237.885606][T10097] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 237.922128][T10089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.944838][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 237.968058][ T23] Bluetooth: hci3: command 0x041b tx timeout [ 237.968814][T10097] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 238.019749][T10121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 238.110180][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 238.127484][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 238.148635][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 238.181601][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 238.212726][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 238.238062][T10089] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.265799][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 238.284582][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 238.300655][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 238.331449][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 238.351094][ T1720] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.368776][ T1720] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.384116][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 238.420242][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 238.437244][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 238.464365][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 238.481245][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 238.512958][T10091] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.540024][T10087] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 238.555662][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 238.571036][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 238.585445][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.597505][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.639414][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 238.656247][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 238.674728][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 238.680144][T10120] Bluetooth: hci0: command 0x040f tx timeout [ 238.689141][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 238.730217][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 238.771517][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 238.788379][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 238.808617][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 238.826146][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 238.848351][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 238.864993][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 238.880529][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 238.896034][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 238.916105][T10091] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.933927][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 238.951833][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 238.974181][T10089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 239.010723][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 239.030735][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 239.061689][T10120] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.078529][T10120] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.106600][ T47] Bluetooth: hci1: command 0x040f tx timeout [ 239.148009][T10087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 239.170601][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 239.194344][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 239.220029][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 239.243134][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 239.268798][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 239.287336][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.304421][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.336345][T10089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 239.355421][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 239.404475][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 239.433070][T10097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.450341][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 239.477334][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 239.501867][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 239.542330][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 239.549814][ T3483] Bluetooth: hci2: command 0x040f tx timeout [ 239.562133][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 239.603123][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 239.625779][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 239.648573][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 239.666630][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 239.684623][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 239.706481][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 239.732094][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 239.748863][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 239.796804][T10097] 8021q: adding VLAN 0 to HW filter on device team0 [ 239.818566][T10091] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 239.843601][T10091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 239.866774][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 239.886301][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 239.904095][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 239.920490][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 239.939281][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 239.960777][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 240.000542][T10089] device veth0_vlan entered promiscuous mode [ 240.017064][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 240.040615][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 240.061794][ T23] Bluetooth: hci3: command 0x040f tx timeout [ 240.070761][T10087] device veth0_vlan entered promiscuous mode [ 240.107809][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 240.167376][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 240.197225][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 240.223736][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 240.245075][ T23] bridge0: port 1(bridge_slave_0) entered blocking state [ 240.267932][ T23] bridge0: port 1(bridge_slave_0) entered forwarding state [ 240.285281][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 240.312212][T10089] device veth1_vlan entered promiscuous mode [ 240.329892][T10087] device veth1_vlan entered promiscuous mode [ 240.338762][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 240.350383][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 240.364057][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 240.375606][ T1720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 240.389801][ T1720] bridge0: port 2(bridge_slave_1) entered blocking state [ 240.400881][ T1720] bridge0: port 2(bridge_slave_1) entered forwarding state [ 240.428223][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 240.439067][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 240.455384][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 240.490468][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 240.510898][T10091] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.545343][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 240.574033][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 240.595189][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 240.652720][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 240.684519][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 240.704850][T10089] device veth0_macvtap entered promiscuous mode [ 240.730968][T10089] device veth1_macvtap entered promiscuous mode [ 240.856141][T10120] Bluetooth: hci0: command 0x0419 tx timeout [ 240.958006][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 240.997983][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 241.023225][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 241.040843][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 241.098975][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 241.122631][ T3342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 241.150402][T10120] Bluetooth: hci1: command 0x0419 tx timeout [ 241.250773][T10089] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 241.277871][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 241.306402][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 241.335712][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 241.359164][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 241.395640][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 241.411591][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 241.440146][T10097] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 241.468424][T10087] device veth0_macvtap entered promiscuous mode [ 241.521816][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 241.581071][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 241.618667][T10122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 241.645331][T10122] Bluetooth: hci2: command 0x0419 tx timeout [ 241.664790][T10087] device veth1_macvtap entered promiscuous mode [ 241.693423][T10089] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 241.725763][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 241.758571][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 241.778392][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 241.791198][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 241.826056][T10089] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.853581][T10089] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.885577][T10089] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.909159][T10089] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.063693][T10097] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 242.115632][ T3483] Bluetooth: hci3: command 0x0419 tx timeout [ 242.121693][T10091] device veth0_vlan entered promiscuous mode [ 242.193243][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 242.224630][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 242.263935][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 242.307729][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 242.407444][T10087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 242.524245][T10087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 242.586429][T10087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 242.647116][T10091] device veth1_vlan entered promiscuous mode [ 243.000841][T10097] device veth0_vlan entered promiscuous mode [ 243.089303][T10097] device veth1_vlan entered promiscuous mode [ 243.157254][T10097] device veth0_macvtap entered promiscuous mode [ 243.188380][T10097] device veth1_macvtap entered promiscuous mode [ 243.228158][T10097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 243.265567][T10097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.296188][T10097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 243.325579][T10097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.347958][T10097] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 243.364539][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 243.379750][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 243.398494][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 243.416474][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 243.432789][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 243.455436][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 243.470544][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 243.486411][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 243.500518][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 243.513936][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 243.528218][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 243.552235][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 243.597286][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 243.625550][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 243.657602][T10087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 243.683675][T10087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.712072][T10087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 243.760386][T10103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.763286][T10097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 243.778803][T10103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.811002][T10097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.828314][T10097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 243.873381][T10097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.915165][T10097] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 243.945965][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 243.960913][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 243.984262][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 244.005545][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 244.022562][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 244.040112][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 244.053869][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 244.071913][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 244.094989][T10087] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.124629][T10087] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.147079][T10087] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.168681][T10087] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.263879][T10097] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.266114][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.294311][T10097] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.294339][T10097] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.294364][T10097] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.415487][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.442594][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 244.460215][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 244.478759][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 244.512180][T10091] device veth0_macvtap entered promiscuous mode [ 244.593542][T10091] device veth1_macvtap entered promiscuous mode [ 244.652061][T10089] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 244.706097][ T2979] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.710999][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 244.747611][ T2979] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.780404][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.815111][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 244.949966][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 244.982101][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 245.068582][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.128572][T10091] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 245.194302][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready 07:26:59 executing program 1: r0 = socket(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x18160, 0x0) [ 245.218873][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 245.275395][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 245.307468][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 245.328755][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 07:26:59 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_DEVMASK(r0, 0x80044dfe, 0x0) [ 245.387263][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 07:26:59 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000180)=[{0x45}]}) [ 245.463276][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.549554][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 245.649878][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 07:27:00 executing program 1: r0 = socket(0x2, 0x6, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, 0x0, 0x0) [ 245.694641][T10091] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 245.725420][T10091] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 245.789300][T10091] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 245.846685][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.865391][T10091] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.923121][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.972612][T10091] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.030618][T10091] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.066325][T10091] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.109199][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 246.134453][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 246.157692][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 246.208763][ T2979] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.232285][ T2979] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.274648][ T47] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 246.322941][ T2979] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.348828][ T2979] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.375217][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 246.428829][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.486243][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.515280][T10141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.574530][T10116] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 246.596937][T10141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 07:27:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000180)=[{0x2}]}) 07:27:00 executing program 1: r0 = epoll_create(0x6) epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x0) [ 246.658427][T10120] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 246.970735][T10159] check_preemption_disabled: 3 callbacks suppressed [ 246.970747][T10159] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10159 [ 247.075122][T10159] caller is lockdep_hardirqs_on_prepare+0x5e/0x410 [ 247.116450][T10159] CPU: 0 PID: 10159 Comm: syz-executor.2 Not tainted 5.10.0-rc1-syzkaller #0 [ 247.184156][T10159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 247.264628][T10159] Call Trace: [ 247.271357][T10159] dump_stack+0x107/0x163 [ 247.271357][T10159] check_preemption_disabled+0x123/0x130 [ 247.304922][T10159] lockdep_hardirqs_on_prepare+0x5e/0x410 [ 247.326137][T10159] trace_hardirqs_on+0x5b/0x1c0 [ 247.353105][T10159] __bad_area_nosemaphore+0xc6/0x400 [ 247.366581][T10159] do_user_addr_fault+0x7d7/0xb40 [ 247.366581][T10159] exc_page_fault+0x9e/0x180 [ 247.412931][T10159] ? asm_exc_page_fault+0x8/0x30 [ 247.421979][T10159] asm_exc_page_fault+0x1e/0x30 [ 247.421979][T10159] RIP: 0023:0x807cc81 [ 247.421979][T10159] Code: 00 00 21 c2 74 24 7a 17 38 30 0f 84 9f 00 00 00 40 38 30 0f 84 96 00 00 00 40 83 f2 02 74 0b 38 30 0f 84 88 00 00 00 40 31 d2 <8b> 08 83 c0 04 29 ca 81 c1 ff fe fe fe 4a 73 58 31 ca 81 e2 00 01 [ 247.524840][T10159] RSP: 002b:00000000f55cbf2c EFLAGS: 00010246 [ 247.524840][T10159] RAX: 0000000000000000 RBX: 000000000815e000 RCX: 0000000000000000 [ 247.524840][T10159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f55cc0b0 [ 247.524840][T10159] RBP: 00000000f55cbfb0 R08: 0000000000000000 R09: 0000000000000000 [ 247.524840][T10159] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 247.640254][T10159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 247.700480][T10159] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10159 [ 247.733766][T10159] caller is lockdep_hardirqs_on+0x38/0x110 [ 247.749838][T10159] CPU: 0 PID: 10159 Comm: syz-executor.2 Not tainted 5.10.0-rc1-syzkaller #0 [ 247.751596][T10161] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10161 [ 247.759670][T10159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 247.759670][T10159] Call Trace: [ 247.759670][T10159] dump_stack+0x107/0x163 [ 247.759670][T10159] check_preemption_disabled+0x123/0x130 [ 247.759670][T10159] ? __bad_area_nosemaphore+0xc6/0x400 [ 247.759670][T10159] lockdep_hardirqs_on+0x38/0x110 [ 247.759670][T10159] __bad_area_nosemaphore+0xc6/0x400 [ 247.759670][T10159] do_user_addr_fault+0x7d7/0xb40 [ 247.759670][T10159] exc_page_fault+0x9e/0x180 [ 247.759670][T10159] ? asm_exc_page_fault+0x8/0x30 [ 247.759670][T10159] asm_exc_page_fault+0x1e/0x30 [ 247.759670][T10159] RIP: 0023:0x807cc81 [ 247.759670][T10159] Code: 00 00 21 c2 74 24 7a 17 38 30 0f 84 9f 00 00 00 40 38 30 0f 84 96 00 00 00 40 83 f2 02 74 0b 38 30 0f 84 88 00 00 00 40 31 d2 <8b> 08 83 c0 04 29 ca 81 c1 ff fe fe fe 4a 73 58 31 ca 81 e2 00 01 [ 247.759670][T10159] RSP: 002b:00000000f55cbf2c EFLAGS: 00010246 [ 247.759670][T10159] RAX: 0000000000000000 RBX: 000000000815e000 RCX: 0000000000000000 [ 247.759670][T10159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f55cc0b0 [ 247.759670][T10159] RBP: 00000000f55cbfb0 R08: 0000000000000000 R09: 0000000000000000 [ 247.759670][T10159] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 247.759670][T10159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 248.436999][T10161] caller is lockdep_hardirqs_on_prepare+0x5e/0x410 [ 248.456368][T10161] CPU: 1 PID: 10161 Comm: syz-executor.2 Not tainted 5.10.0-rc1-syzkaller #0 [ 248.482501][T10161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 248.512475][T10161] Call Trace: [ 248.522724][T10161] dump_stack+0x107/0x163 [ 248.531685][T10161] check_preemption_disabled+0x123/0x130 [ 248.551187][T10161] lockdep_hardirqs_on_prepare+0x5e/0x410 [ 248.569730][T10161] trace_hardirqs_on+0x5b/0x1c0 [ 248.581392][T10161] __bad_area_nosemaphore+0xc6/0x400 [ 248.592624][T10161] do_user_addr_fault+0x7d7/0xb40 [ 248.609698][T10161] exc_page_fault+0x9e/0x180 [ 248.621200][T10161] ? asm_exc_page_fault+0x8/0x30 [ 248.631283][T10161] asm_exc_page_fault+0x1e/0x30 [ 248.651827][T10161] RIP: 0023:0x807cc81 [ 248.675445][T10161] Code: 00 00 21 c2 74 24 7a 17 38 30 0f 84 9f 00 00 00 40 38 30 0f 84 96 00 00 00 40 83 f2 02 74 0b 38 30 0f 84 88 00 00 00 40 31 d2 <8b> 08 83 c0 04 29 ca 81 c1 ff fe fe fe 4a 73 58 31 ca 81 e2 00 01 [ 248.729861][T10161] RSP: 002b:00000000f55aaf2c EFLAGS: 00010246 [ 248.742600][T10161] RAX: 0000000000000000 RBX: 000000000815e000 RCX: 0000000000000000 [ 248.767785][T10161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f55ab0b0 [ 248.782369][T10161] RBP: 00000000f55aafb0 R08: 0000000000000000 R09: 0000000000000000 [ 248.809834][T10161] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 248.830201][T10161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 248.887841][T10161] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10161 [ 248.945918][T10161] caller is lockdep_hardirqs_on+0x38/0x110 [ 248.970817][T10161] CPU: 1 PID: 10161 Comm: syz-executor.2 Not tainted 5.10.0-rc1-syzkaller #0 [ 249.019779][T10161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 249.061585][T10161] Call Trace: [ 249.068382][T10161] dump_stack+0x107/0x163 [ 249.082356][T10161] check_preemption_disabled+0x123/0x130 [ 249.110444][T10161] ? __bad_area_nosemaphore+0xc6/0x400 [ 249.140019][T10161] lockdep_hardirqs_on+0x38/0x110 [ 249.163992][T10161] __bad_area_nosemaphore+0xc6/0x400 [ 249.189848][T10161] do_user_addr_fault+0x7d7/0xb40 [ 249.202336][T10161] exc_page_fault+0x9e/0x180 [ 249.212559][T10161] ? asm_exc_page_fault+0x8/0x30 [ 249.231748][T10161] asm_exc_page_fault+0x1e/0x30 [ 249.242822][T10161] RIP: 0023:0x807cc81 [ 249.255957][T10161] Code: 00 00 21 c2 74 24 7a 17 38 30 0f 84 9f 00 00 00 40 38 30 0f 84 96 00 00 00 40 83 f2 02 74 0b 38 30 0f 84 88 00 00 00 40 31 d2 <8b> 08 83 c0 04 29 ca 81 c1 ff fe fe fe 4a 73 58 31 ca 81 e2 00 01 [ 249.322609][T10161] RSP: 002b:00000000f55aaf2c EFLAGS: 00010246 [ 249.341404][T10161] RAX: 0000000000000000 RBX: 000000000815e000 RCX: 0000000000000000 [ 249.362205][T10161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f55ab0b0 [ 249.382540][T10161] RBP: 00000000f55aafb0 R08: 0000000000000000 R09: 0000000000000000 [ 249.432803][T10161] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 249.449574][T10161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 07:27:03 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x10, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@loopback, @in=@remote}}, @sadb_key={0x1}]}, 0x58}}, 0x0) 07:27:03 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKFLSBUF(r0, 0x1261, 0x0) 07:27:03 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_SET_FLAGS(r0, 0x80044324, &(0x7f0000000100)) 07:27:03 executing program 1: sendmsg$AUDIT_TRIM(0xffffffffffffffff, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) clone3(&(0x7f00000003c0)={0x42000000, &(0x7f0000000180), 0x0, &(0x7f0000000200), {0x38}, &(0x7f0000000240)=""/214, 0xd6, 0x0, 0x0}, 0x58) [ 249.609793][T10166] IPVS: ftp: loaded support on port[0] = 21 07:27:03 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_SET_FLAGS(r0, 0x80044324, &(0x7f0000000100)) 07:27:04 executing program 0: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x0, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(r0, 0x80044dfd, &(0x7f0000000000)) 07:27:04 executing program 3: r0 = socket(0x2, 0xa, 0x0) recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x18160, 0x0) 07:27:04 executing program 2: syz_io_uring_setup(0x6d30, &(0x7f0000000080), &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ff4000/0x1000)=nil, 0x0, 0x0) execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0) 07:27:04 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) [ 249.978854][T10179] syz-executor.3 uses obsolete (PF_INET,SOCK_PACKET) [ 250.003349][T10182] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/10182 [ 250.065589][T10182] caller is lockdep_hardirqs_on_prepare+0x5e/0x410 [ 250.101352][T10182] CPU: 0 PID: 10182 Comm: syz-executor.1 Not tainted 5.10.0-rc1-syzkaller #0 [ 250.130743][T10189] IPVS: ftp: loaded support on port[0] = 21 07:27:04 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x5451, 0x0) [ 250.166252][T10182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 250.166252][T10182] Call Trace: [ 250.166252][T10182] dump_stack+0x107/0x163 07:27:04 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x5451, 0x0) [ 250.166252][T10182] check_preemption_disabled+0x123/0x130 [ 250.166252][T10182] lockdep_hardirqs_on_prepare+0x5e/0x410 [ 250.166252][T10182] trace_hardirqs_on+0x5b/0x1c0 07:27:04 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x5451, 0x0) [ 250.166252][T10182] __bad_area_nosemaphore+0xc6/0x400 07:27:04 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x5451, 0x0) [ 250.166252][T10182] do_user_addr_fault+0x7d7/0xb40 [ 250.166252][T10182] exc_page_fault+0x9e/0x180 [ 250.166252][T10182] ? asm_exc_page_fault+0x8/0x30 07:27:04 executing program 1: ioctl$BLKBSZSET(0xffffffffffffffff, 0x5451, 0x0) [ 250.166252][T10182] asm_exc_page_fault+0x1e/0x30 [ 250.166252][T10182] RIP: 0023:0x0 [ 250.166252][T10182] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. [ 250.166252][T10182] RSP: 002b:0000000020000326 EFLAGS: 00010296 [ 250.166252][T10182] RAX: 0000000000000000 RBX: 00000000200003c0 RCX: 0000000000000000 [ 250.166252][T10182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 250.166252][T10182] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 250.166252][T10182] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 250.166252][T10182] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 250.171579][T10192] ------------[ cut here ]------------ [ 251.269605][T10192] WARNING: CPU: 3 PID: 10192 at include/linux/cpumask.h:137 try_to_wake_up+0xd5e/0x1300 [ 251.339753][T10192] Modules linked in: [ 251.339753][T10192] CPU: 3 PID: 10192 Comm: io_wq_manager Not tainted 5.10.0-rc1-syzkaller #0 [ 251.411765][T10192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 251.520803][T10192] RIP: 0010:try_to_wake_up+0xd5e/0x1300 [ 251.584251][T10192] Code: 70 02 00 00 65 ff 0d 81 98 b5 7e 4c 8d 75 40 0f 85 da f8 ff ff e8 11 ee b3 ff e9 d0 f8 ff ff 41 bd 01 00 00 00 e9 6e f3 ff ff <0f> 0b e9 2d f6 ff ff 48 8d bd 98 01 00 00 48 b8 00 00 00 00 00 fc [ 251.669803][T10192] RSP: 0018:ffffc90003647d50 EFLAGS: 00010002 [ 251.690092][T10192] RAX: dffffc0000000000 RBX: 1ffff920006c8faf RCX: ffff8880402624f0 [ 251.699810][T10192] RDX: 1ffff1100804c49d RSI: ffffffff83b49fbb RDI: 0000000000000006 [ 251.759806][T10192] RBP: ffff888040262180 R08: 0000000000000008 R09: ffffffff8ceca2cf [ 251.799585][T10192] R10: 0000000000000040 R11: 0000000000000000 R12: 0000000000000202 [ 251.819743][T10192] R13: ffff8880402629b0 R14: ffff8880402621c0 R15: ffff8880402624e8 [ 251.849646][T10192] FS: 0000000000000000(0000) GS:ffff88802cf00000(0000) knlGS:0000000000000000 [ 251.890076][T10192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 251.909538][T10192] CR2: 00000000f54deba8 CR3: 0000000065a42000 CR4: 0000000000350ee0 [ 251.940690][T10192] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 251.970300][T10192] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 251.989574][T10192] Call Trace: [ 252.000682][T10192] ? lock_downgrade+0x6d0/0x6d0 [ 252.009686][T10192] ? migrate_swap_stop+0x9f0/0x9f0 [ 252.020706][T10192] ? rwlock_bug.part.0+0x90/0x90 [ 252.039550][T10192] ? _raw_spin_unlock_irq+0x1f/0x40 [ 252.049518][T10192] create_io_worker+0x590/0x8d0 [ 252.059564][T10192] io_wq_manager+0x16b/0xb80 [ 252.069598][T10192] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 252.079508][T10192] ? lockdep_hardirqs_on+0x85/0x110 [ 252.100164][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 252.127013][T10192] ? __kthread_parkme+0x13f/0x1e0 [ 252.150436][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 252.179903][T10192] kthread+0x3af/0x4a0 [ 252.221969][T10192] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 252.280265][T10192] ret_from_fork+0x1f/0x30 [ 252.321368][T10192] Kernel panic - not syncing: panic_on_warn set ... [ 252.380519][T10192] CPU: 3 PID: 10192 Comm: io_wq_manager Not tainted 5.10.0-rc1-syzkaller #0 [ 252.430033][T10192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 252.469472][T10192] Call Trace: [ 252.489675][T10192] dump_stack+0x107/0x163 [ 252.509639][T10192] panic+0x306/0x73d [ 252.530119][T10192] ? __warn_printk+0xf3/0xf3 [ 252.539562][T10192] ? __warn.cold+0x1d/0xbb [ 252.559525][T10192] ? __warn.cold+0x14/0xbb [ 252.559525][T10192] ? try_to_wake_up+0xd5e/0x1300 [ 252.580287][T10192] __warn.cold+0x38/0xbb [ 252.589893][T10192] ? try_to_wake_up+0xd5e/0x1300 [ 252.599645][T10192] report_bug+0x1bd/0x210 [ 252.599645][T10192] handle_bug+0x3c/0x60 [ 252.619549][T10192] exc_invalid_op+0x14/0x40 [ 252.629566][T10192] asm_exc_invalid_op+0x12/0x20 [ 252.639998][T10192] RIP: 0010:try_to_wake_up+0xd5e/0x1300 [ 252.660088][T10192] Code: 70 02 00 00 65 ff 0d 81 98 b5 7e 4c 8d 75 40 0f 85 da f8 ff ff e8 11 ee b3 ff e9 d0 f8 ff ff 41 bd 01 00 00 00 e9 6e f3 ff ff <0f> 0b e9 2d f6 ff ff 48 8d bd 98 01 00 00 48 b8 00 00 00 00 00 fc [ 252.719770][T10192] RSP: 0018:ffffc90003647d50 EFLAGS: 00010002 [ 252.749683][T10192] RAX: dffffc0000000000 RBX: 1ffff920006c8faf RCX: ffff8880402624f0 [ 252.790580][T10192] RDX: 1ffff1100804c49d RSI: ffffffff83b49fbb RDI: 0000000000000006 [ 252.811587][T10192] RBP: ffff888040262180 R08: 0000000000000008 R09: ffffffff8ceca2cf [ 252.831234][T10192] R10: 0000000000000040 R11: 0000000000000000 R12: 0000000000000202 [ 252.853957][T10192] R13: ffff8880402629b0 R14: ffff8880402621c0 R15: ffff8880402624e8 [ 252.870730][T10192] ? find_first_bit+0x8b/0xb0 [ 252.888983][T10192] ? lock_downgrade+0x6d0/0x6d0 [ 252.894903][T10192] ? migrate_swap_stop+0x9f0/0x9f0 [ 252.899718][T10192] ? rwlock_bug.part.0+0x90/0x90 [ 252.923530][T10192] ? _raw_spin_unlock_irq+0x1f/0x40 [ 252.930723][T10192] create_io_worker+0x590/0x8d0 [ 252.952152][T10192] io_wq_manager+0x16b/0xb80 [ 252.970854][T10192] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 252.990413][T10192] ? lockdep_hardirqs_on+0x85/0x110 [ 253.011027][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 253.019698][T10192] ? __kthread_parkme+0x13f/0x1e0 [ 253.039597][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 253.059753][T10192] kthread+0x3af/0x4a0 [ 253.079720][T10192] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 253.099817][T10192] ret_from_fork+0x1f/0x30 [ 253.111232][T10192] [ 253.111232][T10192] ====================================================== [ 253.111232][T10192] WARNING: possible circular locking dependency detected [ 253.111232][T10192] 5.10.0-rc1-syzkaller #0 Not tainted [ 253.111232][T10192] ------------------------------------------------------ [ 253.111232][T10192] io_wq_manager/10192 is trying to acquire lock: [ 253.111232][T10192] ffffffff8b328558 ((console_sem).lock){-...}-{2:2}, at: down_trylock+0xe/0x60 [ 253.111232][T10192] [ 253.111232][T10192] but task is already holding lock: [ 253.111232][T10192] ffff8880402629c8 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x98/0x1300 [ 253.111232][T10192] [ 253.111232][T10192] which lock already depends on the new lock. [ 253.111232][T10192] [ 253.111232][T10192] [ 253.111232][T10192] the existing dependency chain (in reverse order) is: [ 253.111232][T10192] [ 253.111232][T10192] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 253.111232][T10192] _raw_spin_lock_irqsave+0x39/0x50 [ 253.111232][T10192] try_to_wake_up+0x98/0x1300 [ 253.111232][T10192] up+0x75/0xb0 [ 253.111232][T10192] __up_console_sem+0x4a/0x80 [ 253.111232][T10192] console_unlock+0x591/0xbb0 [ 253.111232][T10192] vga_remove_vgacon.cold+0x99/0x9e [ 253.111232][T10192] bochs_pci_probe+0xf0/0x3b0 [ 253.111232][T10192] local_pci_probe+0xdb/0x190 [ 253.111232][T10192] pci_device_probe+0x3dd/0x6f0 [ 253.111232][T10192] really_probe+0x291/0xde0 [ 253.111232][T10192] driver_probe_device+0x26b/0x3d0 [ 253.111232][T10192] device_driver_attach+0x228/0x290 [ 253.111232][T10192] __driver_attach+0x15b/0x2f0 [ 253.111232][T10192] bus_for_each_dev+0x147/0x1d0 [ 253.111232][T10192] bus_add_driver+0x3a9/0x630 [ 253.111232][T10192] driver_register+0x220/0x3a0 [ 253.111232][T10192] bochs_init+0x78/0x86 [ 253.111232][T10192] do_one_initcall+0x103/0x650 [ 253.111232][T10192] kernel_init_freeable+0x600/0x684 [ 253.111232][T10192] kernel_init+0xd/0x1b8 [ 253.111232][T10192] ret_from_fork+0x1f/0x30 [ 253.111232][T10192] [ 253.111232][T10192] -> #0 ((console_sem).lock){-...}-{2:2}: [ 253.111232][T10192] __lock_acquire+0x2828/0x5590 [ 253.111232][T10192] lock_acquire+0x1af/0x8b0 [ 253.111232][T10192] _raw_spin_lock_irqsave+0x39/0x50 [ 253.111232][T10192] down_trylock+0xe/0x60 [ 253.111232][T10192] __down_trylock_console_sem+0x3e/0xd0 [ 253.111232][T10192] vprintk_emit+0x14f/0x4c0 [ 253.111232][T10192] vprintk_func+0x8d/0x1e0 [ 253.111232][T10192] printk+0xba/0xed [ 253.111232][T10192] report_bug.cold+0x72/0xab [ 253.111232][T10192] handle_bug+0x3c/0x60 [ 253.111232][T10192] exc_invalid_op+0x14/0x40 [ 253.111232][T10192] asm_exc_invalid_op+0x12/0x20 [ 253.111232][T10192] try_to_wake_up+0xd5e/0x1300 [ 253.111232][T10192] create_io_worker+0x590/0x8d0 [ 253.111232][T10192] io_wq_manager+0x16b/0xb80 [ 253.111232][T10192] kthread+0x3af/0x4a0 [ 253.111232][T10192] ret_from_fork+0x1f/0x30 [ 253.111232][T10192] [ 253.111232][T10192] other info that might help us debug this: [ 253.111232][T10192] [ 253.111232][T10192] Possible unsafe locking scenario: [ 253.111232][T10192] [ 253.111232][T10192] CPU0 CPU1 [ 253.111232][T10192] ---- ---- [ 253.111232][T10192] lock(&p->pi_lock); [ 253.111232][T10192] lock((console_sem).lock); [ 253.111232][T10192] lock(&p->pi_lock); [ 253.111232][T10192] lock((console_sem).lock); [ 253.111232][T10192] [ 253.111232][T10192] *** DEADLOCK *** [ 253.111232][T10192] [ 253.111232][T10192] 1 lock held by io_wq_manager/10192: [ 253.111232][T10192] #0: ffff8880402629c8 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x98/0x1300 [ 253.111232][T10192] [ 253.111232][T10192] stack backtrace: [ 253.111232][T10192] CPU: 3 PID: 10192 Comm: io_wq_manager Not tainted 5.10.0-rc1-syzkaller #0 [ 253.111232][T10192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014 [ 253.111232][T10192] Call Trace: [ 253.111232][T10192] dump_stack+0x107/0x163 [ 253.111232][T10192] check_noncircular+0x25f/0x2e0 [ 253.111232][T10192] ? print_circular_bug+0x360/0x360 [ 253.111232][T10192] ? lockdep_lock+0xea/0x200 [ 253.111232][T10192] ? alloc_chain_hlocks+0x230/0x770 [ 253.111232][T10192] __lock_acquire+0x2828/0x5590 [ 253.111232][T10192] ? info_print_ext_header.constprop.0+0x280/0x280 [ 253.111232][T10192] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 253.111232][T10192] lock_acquire+0x1af/0x8b0 [ 253.111232][T10192] ? down_trylock+0xe/0x60 [ 253.111232][T10192] ? lock_release+0x710/0x710 [ 253.111232][T10192] ? find_held_lock+0x2d/0x110 [ 253.111232][T10192] ? vprintk_emit+0xdf/0x4c0 [ 253.111232][T10192] ? lock_downgrade+0x6d0/0x6d0 [ 253.111232][T10192] ? vprintk_func+0x8d/0x1e0 [ 253.111232][T10192] _raw_spin_lock_irqsave+0x39/0x50 [ 253.111232][T10192] ? down_trylock+0xe/0x60 [ 253.111232][T10192] down_trylock+0xe/0x60 [ 253.111232][T10192] ? vprintk_func+0x8d/0x1e0 [ 253.111232][T10192] __down_trylock_console_sem+0x3e/0xd0 [ 253.111232][T10192] vprintk_emit+0x14f/0x4c0 [ 253.111232][T10192] vprintk_func+0x8d/0x1e0 [ 253.111232][T10192] printk+0xba/0xed [ 253.111232][T10192] ? record_print_text.cold+0x16/0x16 [ 253.111232][T10192] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 253.111232][T10192] ? report_bug.cold+0x66/0xab [ 253.111232][T10192] ? report_bug+0x192/0x210 [ 253.111232][T10192] ? try_to_wake_up+0xd5e/0x1300 [ 253.111232][T10192] report_bug.cold+0x72/0xab [ 253.111232][T10192] handle_bug+0x3c/0x60 [ 253.111232][T10192] exc_invalid_op+0x14/0x40 [ 253.111232][T10192] asm_exc_invalid_op+0x12/0x20 [ 253.111232][T10192] RIP: 0010:try_to_wake_up+0xd5e/0x1300 [ 253.111232][T10192] Code: 70 02 00 00 65 ff 0d 81 98 b5 7e 4c 8d 75 40 0f 85 da f8 ff ff e8 11 ee b3 ff e9 d0 f8 ff ff 41 bd 01 00 00 00 e9 6e f3 ff ff <0f> 0b e9 2d f6 ff ff 48 8d bd 98 01 00 00 48 b8 00 00 00 00 00 fc [ 253.111232][T10192] RSP: 0018:ffffc90003647d50 EFLAGS: 00010002 [ 253.111232][T10192] RAX: dffffc0000000000 RBX: 1ffff920006c8faf RCX: ffff8880402624f0 [ 253.111232][T10192] RDX: 1ffff1100804c49d RSI: ffffffff83b49fbb RDI: 0000000000000006 [ 253.111232][T10192] RBP: ffff888040262180 R08: 0000000000000008 R09: ffffffff8ceca2cf [ 253.111232][T10192] R10: 0000000000000040 R11: 0000000000000000 R12: 0000000000000202 [ 253.111232][T10192] R13: ffff8880402629b0 R14: ffff8880402621c0 R15: ffff8880402624e8 [ 253.111232][T10192] ? find_first_bit+0x8b/0xb0 [ 253.111232][T10192] ? lock_downgrade+0x6d0/0x6d0 [ 253.111232][T10192] ? migrate_swap_stop+0x9f0/0x9f0 [ 253.111232][T10192] ? rwlock_bug.part.0+0x90/0x90 [ 253.111232][T10192] ? _raw_spin_unlock_irq+0x1f/0x40 [ 253.111232][T10192] create_io_worker+0x590/0x8d0 [ 253.111232][T10192] io_wq_manager+0x16b/0xb80 [ 253.111232][T10192] ? _raw_spin_unlock_irqrestore+0x42/0x50 [ 253.111232][T10192] ? lockdep_hardirqs_on+0x85/0x110 [ 253.111232][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 253.111232][T10192] ? __kthread_parkme+0x13f/0x1e0 [ 253.111232][T10192] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 253.111232][T10192] kthread+0x3af/0x4a0 [ 253.111232][T10192] ? kthread_create_worker_on_cpu+0xf0/0xf0 [ 253.111232][T10192] ret_from_fork+0x1f/0x30 [ 253.111232][T10192] Kernel Offset: disabled [ 253.111232][T10192] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:27:02 Registers: info registers vcpu 0 RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff840d96d1 RDI=ffffffff8fad7a60 RBP=ffffffff8fad7a20 RSP=ffffc900027179c8 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000000 R12=0000000000000037 R13=0000000000000037 R14=ffffffff8fad7a20 R15=dffffc0000000000 RIP=ffffffff840d9728 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 000fffff 00000000 GS =0063 ffff88802cc00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 000fffff 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000001c8cc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000008 XMM02=0000004c000000000000000100000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffed100c1ab9b1 RBX=ffffed100c1ab9bf RCX=ffffffff83b36f87 RDX=ffffed100c1ab9bf RSI=000000000000006a RDI=ffff888060d5cd89 RBP=ffffed100c1ab9b1 RSP=ffffc900010579d0 R8 =0000000000000001 R9 =ffff888060d5cdf2 R10=ffffed100c1ab9be R11=0000000000000000 R12=0000000001ac2a90 R13=0000000001ac2afa R14=0000000000000000 R15=000000000000006a RIP=ffffffff81b17edb RFL=00010282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa5f6f70700 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe4ccfb6000 CR3=00000000125d4000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=2031303a37323a373020322020766f4e XMM01=2072656c6c6163205d3935313031545b XMM02=69647261685f7065646b636f6c207369 XMM03=302b657261706572705f6e6f5f737172 XMM04=5d3232313537302e37343220205b203a XMM05=2f322e726f7475636578652d7a797320 XMM06=735f7664000a39353130312f322e726f XMM07=20676e6974746553202e65636e616d72 XMM08=ffffff0000000000ff000000000000ff XMM09=00000000000000000000000000000000 XMM10=ffffff00000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=dffffc0000000000 RBX=fffff520003c6f76 RCX=000000002e182613 RDX=1ffff110025c5981 RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc90001e37ba0 R8 =0000000000000000 R9 =ffffffff8ecc1667 R10=fffffbfff1d982cc R11=0000000000000000 R12=0000000000000002 R13=ffffffff8b337160 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8156294d RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802ce00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000818b000 CR3=000000001c8cc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000008 XMM02=0000004c000000000000000100000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000000000031600 RBX=ffff88801a10a180 RCX=0000000000040000 RDX=ffffc90020f92000 RSI=0000000000000000 RDI=ffffc90002827e10 RBP=ffff888013d90908 RSP=ffffc90002827ea0 R8 =0000000000040000 R9 =ffffc90020e08000 R10=fffff52000504fc2 R11=0000000000000000 R12=ffff888013d90900 R13=0000000000000002 R14=0000000000000000 R15=0000000000000293 RIP=ffffffff81700e89 RFL=00010006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 000fffff 00000000 GS =0063 ffff88802cf00000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000818b02c CR3=000000001c8cc000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000008 XMM02=0000004c000000000000000100000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000