syzkaller login: [ 215.740928][ T1835] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 215.830632][ T1835] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 233.383786][ T1835] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 233.430355][ T1835] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:31064' (ECDSA) to the list of known hosts.
1970/01/01 00:04:25 fuzzer started
1970/01/01 00:04:38 dialing manager at localhost:34379
[ 283.862133][ T2002] cgroup: Unknown subsys name 'net'
[ 284.901459][ T2002] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:04:44 syscalls: 2793
1970/01/01 00:04:44 code coverage: enabled
1970/01/01 00:04:44 comparison tracing: enabled
1970/01/01 00:04:44 extra coverage: enabled
1970/01/01 00:04:44 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:04:44 setuid sandbox: enabled
1970/01/01 00:04:44 namespace sandbox: enabled
1970/01/01 00:04:44 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:04:44 fault injection: enabled
1970/01/01 00:04:44 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:04:44 net packet injection: enabled
1970/01/01 00:04:44 net device setup: enabled
1970/01/01 00:04:44 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:04:44 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:04:44 USB emulation: enabled
1970/01/01 00:04:44 hci packet injection: /dev/vhci does not exist
1970/01/01 00:04:44 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:04:44 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:04:50 fetching corpus: 50, signal 37388/39179 (executing program)
1970/01/01 00:04:53 fetching corpus: 100, signal 48965/52402 (executing program)
1970/01/01 00:04:57 fetching corpus: 150, signal 59046/64078 (executing program)
1970/01/01 00:05:00 fetching corpus: 200, signal 65887/72419 (executing program)
1970/01/01 00:05:07 fetching corpus: 250, signal 71570/79571 (executing program)
1970/01/01 00:05:13 fetching corpus: 300, signal 76330/85785 (executing program)
1970/01/01 00:05:22 fetching corpus: 350, signal 81484/92308 (executing program)
1970/01/01 00:05:29 fetching corpus: 400, signal 85596/97775 (executing program)
1970/01/01 00:05:39 fetching corpus: 450, signal 90098/103551 (executing program)
1970/01/01 00:05:54 fetching corpus: 500, signal 93705/108455 (executing program)
1970/01/01 00:06:01 fetching corpus: 550, signal 96642/112679 (executing program)
1970/01/01 00:06:08 fetching corpus: 600, signal 99463/116748 (executing program)
1970/01/01 00:06:18 fetching corpus: 650, signal 101271/119872 (executing program)
1970/01/01 00:06:25 fetching corpus: 700, signal 104582/124355 (executing program)
1970/01/01 00:06:40 fetching corpus: 750, signal 107021/128003 (executing program)
1970/01/01 00:06:48 fetching corpus: 800, signal 109709/131848 (executing program)
1970/01/01 00:06:57 fetching corpus: 850, signal 112794/135953 (executing program)
1970/01/01 00:07:03 fetching corpus: 900, signal 114442/138794 (executing program)
1970/01/01 00:07:10 fetching corpus: 950, signal 117698/143041 (executing program)
1970/01/01 00:07:13 fetching corpus: 1000, signal 120571/146913 (executing program)
1970/01/01 00:07:15 fetching corpus: 1050, signal 122381/149797 (executing program)
1970/01/01 00:07:18 fetching corpus: 1100, signal 124645/153065 (executing program)
1970/01/01 00:07:20 fetching corpus: 1150, signal 126024/155585 (executing program)
1970/01/01 00:07:22 fetching corpus: 1200, signal 127893/158465 (executing program)
1970/01/01 00:07:25 fetching corpus: 1250, signal 129494/161113 (executing program)
1970/01/01 00:07:27 fetching corpus: 1300, signal 132024/164480 (executing program)
1970/01/01 00:07:29 fetching corpus: 1350, signal 133829/167257 (executing program)
1970/01/01 00:07:31 fetching corpus: 1400, signal 135494/169899 (executing program)
1970/01/01 00:07:33 fetching corpus: 1450, signal 136841/172225 (executing program)
1970/01/01 00:07:35 fetching corpus: 1500, signal 138191/174584 (executing program)
1970/01/01 00:07:38 fetching corpus: 1550, signal 139785/177086 (executing program)
1970/01/01 00:07:39 fetching corpus: 1600, signal 140863/179139 (executing program)
1970/01/01 00:07:41 fetching corpus: 1650, signal 142433/181597 (executing program)
1970/01/01 00:07:44 fetching corpus: 1700, signal 143918/183985 (executing program)
1970/01/01 00:07:45 fetching corpus: 1750, signal 145382/186323 (executing program)
1970/01/01 00:07:47 fetching corpus: 1800, signal 146972/188751 (executing program)
1970/01/01 00:07:50 fetching corpus: 1850, signal 148016/190737 (executing program)
1970/01/01 00:07:53 fetching corpus: 1900, signal 149205/192883 (executing program)
1970/01/01 00:07:55 fetching corpus: 1950, signal 150489/195068 (executing program)
1970/01/01 00:07:58 fetching corpus: 2000, signal 151441/196944 (executing program)
1970/01/01 00:08:01 fetching corpus: 2050, signal 152603/198900 (executing program)
1970/01/01 00:08:04 fetching corpus: 2100, signal 154425/201424 (executing program)
1970/01/01 00:08:06 fetching corpus: 2150, signal 155587/203402 (executing program)
1970/01/01 00:08:09 fetching corpus: 2200, signal 157234/205773 (executing program)
1970/01/01 00:08:11 fetching corpus: 2250, signal 158060/207519 (executing program)
1970/01/01 00:08:14 fetching corpus: 2300, signal 159300/209540 (executing program)
[ 938.468832][ T28] INFO: task jbd2/vda-8:1770 blocked for more than 430 seconds.
[ 938.478938][ T28] Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0
[ 938.480917][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 938.482351][ T28] task:jbd2/vda-8 state:D stack: 0 pid: 1770 ppid: 2 flags:0x00000000
[ 938.486155][ T28] Call Trace:
[ 938.487629][ T28] [] __schedule+0x506/0x1048
[ 938.493145][ T28] [] schedule+0x66/0x168
[ 938.496535][ T28] [] io_schedule+0x5a/0x88
[ 938.498386][ T28] [] bit_wait_io+0x12/0x70
[ 938.500081][ T28] [] __wait_on_bit+0x7c/0xf6
[ 938.501697][ T28] [] out_of_line_wait_on_bit+0x7a/0x92
[ 938.507701][ T28] [] __wait_on_buffer+0x68/0x7c
[ 938.509777][ T28] [] jbd2_journal_commit_transaction+0x2b6a/0x4716
[ 938.511954][ T28] [] kjournald2+0x11a/0x54e
[ 938.513797][ T28] [] kthread+0x25c/0x2c6
[ 938.521398][ T28] [] ret_from_exception+0x0/0x14
[ 938.525382][ T28] INFO: task dhcpcd-run-hook:2003 blocked for more than 430 seconds.
[ 938.527388][ T28] Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0
[ 938.528681][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 938.529923][ T28] task:dhcpcd-run-hook state:D stack: 0 pid: 2003 ppid: 1836 flags:0x00000000
[ 938.539816][ T28] Call Trace:
[ 938.541107][ T28] [] __schedule+0x506/0x1048
[ 938.542920][ T28] [] schedule+0x66/0x168
[ 938.546229][ T28] [] io_schedule+0x5a/0x88
[ 938.548817][ T28] [] bit_wait_io+0x12/0x70
[ 938.555653][ T28] [] __wait_on_bit+0x7c/0xf6
[ 938.557764][ T28] [] out_of_line_wait_on_bit+0x7a/0x92
[ 938.560987][ T28] [] do_get_write_access+0x776/0xb18
[ 938.567607][ T28] [] jbd2_journal_get_write_access+0xd8/0x124
[ 938.570500][ T28] [] __ext4_journal_get_write_access+0x122/0x2b6
[ 938.572627][ T28] [] ext4_reserve_inode_write+0x10a/0x164
[ 938.576473][ T28] [] __ext4_mark_inode_dirty+0x100/0x602
[ 938.582366][ T28] [] ext4_dirty_inode+0x90/0xba
[ 938.585842][ T28] [] __mark_inode_dirty+0x40a/0xefe
[ 938.588332][ T28] [] touch_atime+0x5ea/0x60e
[ 938.590035][ T28] [] filemap_read+0x792/0x79c
[ 938.596691][ T28] [] generic_file_read_iter+0x238/0x2e6
[ 938.599280][ T28] [] ext4_file_read_iter+0x126/0x336
[ 938.601133][ T28] [] new_sync_read+0x21e/0x340
[ 938.602767][ T28] [] vfs_read+0x290/0x2e6
[ 938.610414][ T28] [] ksys_read+0xb4/0x1b8
[ 938.612507][ T28] [] sys_read+0x28/0x36
[ 938.615438][ T28] [] ret_from_syscall+0x0/0x2
[ 938.617798][ T28]
[ 938.617798][ T28] Showing all locks held in the system:
[ 938.625781][ T28] 1 lock held by khungtaskd/28:
[ 938.627649][ T28] #0: ffffffff83d2b3e8 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x32/0x1fa
[ 938.632720][ T28] 6 locks held by kworker/u4:6/903:
[ 938.639925][ T28] 2 locks held by getty/1963:
[ 938.641482][ T28] #0: ffffffe00dacf098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x48
[ 938.647302][ T28] #1: ffffffd0107f52e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x9a0/0xafa
[ 938.656851][ T28] 2 locks held by dhcpcd-run-hook/2003:
[ 938.659137][ T28] #0: ffffffe009dde460 (sb_writers#4){.+.+}-{0:0}, at: filemap_read+0x792/0x79c
[ 938.668968][ T28] #1: ffffffe009d1a990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x24a/0xad6
[ 938.673835][ T28]
[ 938.676355][ T28] =============================================
[ 938.676355][ T28]
[ 938.678595][ T28] Kernel panic - not syncing: hung_task: blocked tasks
[ 938.680631][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0
[ 938.683502][ T28] Hardware name: riscv-virtio,qemu (DT)
[ 938.685257][ T28] Call Trace:
[ 938.686400][ T28] [] dump_backtrace+0x2e/0x3c
[ 938.688431][ T28] SMP: stopping secondary CPUs
[ 940.981066][ T28] SMP: failed to stop secondary CPUs 0-1
[ 940.983929][ T28] Rebooting in 86400 seconds..
VM DIAGNOSIS:
19:24:36 Registers: