[ 0.000000][ T0] Booting Linux on physical CPU 0x0000000000 [0x000f0510]
[ 0.000000][ T0] Linux version 6.10.0-rc6-syzkaller-g9dafbe7b06a9 (syzkaller@syzkaller) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #0 SMP PREEMPT now
[ 0.000000][ T0] random: crng init done
[ 0.000000][ T0] Machine model: linux,dummy-virt
[ 0.000000][ T0] efi: UEFI not found.
[ 0.000000][ T0] NUMA: No NUMA configuration found
[ 0.000000][ T0] NUMA: Faking a node at [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] NUMA: NODE_DATA [mem 0xbfc0d340-0xbfc10fff]
[ 0.000000][ T0] Zone ranges:
[ 0.000000][ T0] DMA [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] DMA32 empty
[ 0.000000][ T0] Normal empty
[ 0.000000][ T0] Device empty
[ 0.000000][ T0] Movable zone start for each node
[ 0.000000][ T0] Early memory node ranges
[ 0.000000][ T0] node 0: [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] Initmem setup node 0 [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] cma: Reserved 32 MiB at 0x00000000bba00000 on node -1
[ 0.000000][ T0] psci: probing for conduit method from DT.
[ 0.000000][ T0] psci: PSCIv1.1 detected in firmware.
[ 0.000000][ T0] psci: Using standard PSCI v0.2 function IDs
[ 0.000000][ T0] psci: Trusted OS migration not required
[ 0.000000][ T0] psci: SMC Calling Convention v1.0
[ 0.000000][ T0] ==================================================================
[ 0.000000][ T0] BUG: KASAN: invalid-access in setup_arch+0x794/0xa7c
[ 0.000000][ T0] Write of size 4 at addr 03ff800084947e10 by task swapper/0
[ 0.000000][ T0] Pointer tag: [03], memory tag: [fe]
[ 0.000000][ T0]
[ 0.000000][ T0] CPU: 0 PID: 0 Comm: swapper Not tainted 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.000000][ T0] Hardware name: linux,dummy-virt (DT)
[ 0.000000][ T0] Call trace:
[ 0.000000][ T0] dump_backtrace+0x128/0x214
[ 0.000000][ T0] show_stack+0x2c/0x3c
[ 0.000000][ T0] dump_stack_lvl+0x138/0x1c8
[ 0.000000][ T0] print_report+0x118/0x5ac
[ 0.000000][ T0] kasan_report+0xc8/0x108
[ 0.000000][ T0] kasan_check_range+0x94/0xb8
[ 0.000000][ T0] __hwasan_store4_noabort+0x20/0x2c
[ 0.000000][ T0] setup_arch+0x794/0xa7c
[ 0.000000][ T0] start_kernel+0xc0/0xb10
[ 0.000000][ T0] __primary_switched+0x84/0x8c
[ 0.000000][ T0]
[ 0.000000][ T0] The buggy address belongs to stack of task swapper/0
[ 0.000000][ T0]
[ 0.000000][ T0] Memory state around the buggy address:
[ 0.000000][ T0] ffff800084947c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe 00
[ 0.000000][ T0] ffff800084947d00: 00 00 00 fe fe 00 00 00 fe fe fe fe fe fe fe fe
[ 0.000000][ T0] >ffff800084947e00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ^
[ 0.000000][ T0] ffff800084947f00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ffff800084948000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ==================================================================
[ 0.000000][ T0] Disabling lock debugging due to kernel taint
[ 0.000000][ T0] kasan: KernelAddressSanitizer initialized (sw-tags, stacktrace=on)
[ 0.000000][ T0] percpu: Embedded 35 pages/cpu s103176 r8192 d31992 u143360
[ 0.000000][ T0] Detected PIPT I-cache on CPU0
[ 0.000000][ T0] CPU features: detected: GIC system register CPU interface
[ 0.000000][ T0] CPU features: detected: HCRX_EL2 register
[ 0.000000][ T0] CPU features: detected: 52-bit Virtual Addressing (LPA2)
[ 0.000000][ T0] CPU features: detected: Virtualization Host Extensions
[ 0.000000][ T0] CPU features: detected: Spectre-v4
[ 0.000000][ T0] alternatives: applying boot alternatives
[ 0.000000][ T0] Kernel command line: root=/dev/vda console=ttyAMA0
[ 0.000000][ T0] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[ 0.000000][ T0] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
[ 0.000000][ T0] Fallback order for Node 0: 0
[ 0.000000][ T0] Built 1 zonelists, mobility grouping on. Total pages: 524288
[ 0.000000][ T0] Policy zone: DMA
[ 0.000000][ T0] mem auto-init: stack:all(zero), heap alloc:on, heap free:off
[ 0.000000][ T0] stackdepot: allocating hash table via alloc_large_system_hash
[ 0.000000][ T0] stackdepot hash table entries: 1048576 (order: 12, 16777216 bytes, linear)
[ 0.000000][ T0] software IO TLB: SWIOTLB bounce buffer size adjusted to 2MB
[ 0.000000][ T0] software IO TLB: area num 1.
[ 0.000000][ T0] software IO TLB: mapped [mem 0x00000000b1d55000-0x00000000b1f55000] (2MB)
[ 0.000000][ T0] Memory: 1761408K/2097152K available (58944K kernel code, 4788K rwdata, 13864K rodata, 2048K init, 22780K bss, 302976K reserved, 32768K cma-reserved)
[ 0.000000][ T0] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.000000][ T0] allocated 4194304 bytes of page_ext
[ 0.000000][ T0] trace event string verifier disabled
[ 0.000000][ T0] Running RCU self tests
[ 0.000000][ T0] Running RCU synchronous self tests
[ 0.000000][ T0] rcu: Preemptible hierarchical RCU implementation.
[ 0.000000][ T0] rcu: RCU lockdep checking is enabled.
[ 0.000000][ T0] rcu: RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=1.
[ 0.000000][ T0] rcu: RCU callback double-/use-after-free debug is enabled.
[ 0.000000][ T0] rcu: RCU debug extended QS entry/exit.
[ 0.000000][ T0] Trampoline variant of Tasks RCU enabled.
[ 0.000000][ T0] Tracing variant of Tasks RCU enabled.
[ 0.000000][ T0] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[ 0.000000][ T0] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[ 0.000000][ T0] Running RCU synchronous self tests
[ 0.000000][ T0] RCU Tasks: Setting shift to 0 and lim to 1 rcu_task_cb_adjust=1.
[ 0.000000][ T0] RCU Tasks Trace: Setting shift to 0 and lim to 1 rcu_task_cb_adjust=1.
[ 0.000000][ T0] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[ 0.000000][ T0] GICv3: GIC: Using split EOI/Deactivate mode
[ 0.000000][ T0] GICv3: 256 SPIs implemented
[ 0.000000][ T0] GICv3: 0 Extended SPIs implemented
[ 0.000000][ T0] Root IRQ handler: gic_handle_irq
[ 0.000000][ T0] GICv3: GICv3 features: 16 PPIs
[ 0.000000][ T0] GICv3: GICv4 features:
[ 0.000000][ T0] GICv3: CPU0: found redistributor 0 region 0:0x00000000080a0000
[ 0.000000][ T0] ITS [mem 0x08080000-0x0809ffff]
[ 0.000000][ T0] ITS@0x0000000008080000: Single VMOVP capable
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Devices @46e20000 (indirect, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Interrupt Collections @46e30000 (flat, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Virtual CPUs @46e40000 (indirect, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] GICv3: using LPI property table @0x0000000046e50000
[ 0.000000][ T0] ITS: Allocated DevID ffff as GICv4 proxy device (2 slots)
[ 0.000000][ T0] ITS: Enabling GICv4 support
[ 0.000000][ T0] GICv3: CPU0: using allocated LPI pending table @0x0000000046e60000
[ 0.000000][ T0] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[ 0.000000][ T0] arch_timer: cp15 timer(s) running at 62.50MHz (phys).
[ 0.000000][ T0] clocksource: arch_sys_counter: mask: 0x1ffffffffffffff max_cycles: 0x1cd42e208c, max_idle_ns: 881590405314 ns
[ 0.000163][ T0] sched_clock: 57 bits at 63MHz, resolution 16ns, wraps every 4398046511096ns
[ 0.033080][ T0] Console: colour dummy device 80x25
[ 0.035831][ T0] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[ 0.036298][ T0] ... MAX_LOCKDEP_SUBCLASSES: 8
[ 0.036700][ T0] ... MAX_LOCK_DEPTH: 48
[ 0.037089][ T0] ... MAX_LOCKDEP_KEYS: 8192
[ 0.037477][ T0] ... CLASSHASH_SIZE: 4096
[ 0.037876][ T0] ... MAX_LOCKDEP_ENTRIES: 131072
[ 0.038269][ T0] ... MAX_LOCKDEP_CHAINS: 65536
[ 0.038633][ T0] ... CHAINHASH_SIZE: 32768
[ 0.039002][ T0] memory used by lock dependency info: 11817 kB
[ 0.039399][ T0] memory used for stack traces: 8320 kB
[ 0.039771][ T0] per task-struct memory footprint: 1920 bytes
[ 0.049275][ T0] Calibrating delay loop (skipped), value calculated using timer frequency.. 125.00 BogoMIPS (lpj=625000)
[ 0.050497][ T0] pid_max: default: 32768 minimum: 301
[ 0.064974][ T0] LSM: initializing lsm=lockdown,capability,landlock,yama,safesetid,tomoyo,selinux,ima,evm
[ 0.071472][ T0] landlock: Up and running.
[ 0.071880][ T0] Yama: becoming mindful.
[ 0.075349][ T0] TOMOYO Linux initialized
[ 0.077280][ T0] SELinux: Initializing.
[ 0.095955][ T0] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.096902][ T0] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.216198][ T0] Running RCU synchronous self tests
[ 0.217146][ T0] Running RCU synchronous self tests
[ 0.283674][ T1] cacheinfo: Unable to detect cache hierarchy for CPU 0
[ 0.313808][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.318705][ T1] ------------[ cut here ]------------
[ 0.319066][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.320072][ T1] Modules linked in:
[ 0.320747][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.321311][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.321830][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.322462][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.323106][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.323691][ T1] sp : ffff8000864b79f0
[ 0.323962][ T1] x29: ffff8000864b79f0 x28: 32f0000006f1d7d0 x27: fff000007326d980
[ 0.325054][ T1] x26: d7f0000006818b48 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.326007][ T1] x23: 8df0000006f18020 x22: ffff8000862844b0 x21: d7f0000006818b40
[ 0.326904][ T1] x20: 8df0000006f18000 x19: 8df0000006f18000 x18: 0000000000001220
[ 0.327777][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.328702][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.329595][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.330605][ T1] x8 : ffff78000864b79a x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.331486][ T1] x5 : efff800000000000 x4 : ffff8000864b7980 x3 : 0000000000000000
[ 0.332378][ T1] x2 : 01ff8000864b7940 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.333299][ T1] Call trace:
[ 0.333532][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.334223][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.334771][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.335350][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.335858][ T1] schedule_hrtimeout+0x30/0x40
[ 0.336332][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.336982][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.337615][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.338124][ T1] init_rescuer+0x278/0x2ec
[ 0.338594][ T1] workqueue_init+0x270/0x5f4
[ 0.339185][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.339724][ T1] kernel_init+0x28/0x2ac
[ 0.340225][ T1] ret_from_fork+0x10/0x20
[ 0.340806][ T1] irq event stamp: 0
[ 0.341072][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.342029][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.342764][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.343491][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.343952][ T1] ---[ end trace 0000000000000000 ]---
[ 0.395117][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.398645][ T1] ------------[ cut here ]------------
[ 0.398877][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.399764][ T1] Modules linked in:
[ 0.400142][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.400662][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.400916][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.401444][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.402071][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.402629][ T1] sp : ffff8000864b79f0
[ 0.402852][ T1] x29: ffff8000864b79f0 x28: d2f0000006f2ba90 x27: fff000007326d980
[ 0.403777][ T1] x26: 56f0000006818cf8 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.404659][ T1] x23: 8df0000006f18020 x22: ffff8000862844b0 x21: 56f0000006818cf0
[ 0.405556][ T1] x20: 8df0000006f18000 x19: 8df0000006f18000 x18: 0000000000001220
[ 0.406485][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.407376][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.408255][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.409135][ T1] x8 : ffff78000864b79a x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.410015][ T1] x5 : efff800000000000 x4 : ffff8000864b7980 x3 : 0000000000000000
[ 0.410870][ T1] x2 : 01ff8000864b7940 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.411717][ T1] Call trace:
[ 0.411920][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.412547][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.413104][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.413676][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.414216][ T1] schedule_hrtimeout+0x30/0x40
[ 0.414678][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.415340][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.415969][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.416448][ T1] init_rescuer+0x248/0x2ec
[ 0.416922][ T1] workqueue_init+0x270/0x5f4
[ 0.417504][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.418087][ T1] kernel_init+0x28/0x2ac
[ 0.418612][ T1] ret_from_fork+0x10/0x20
[ 0.419161][ T1] irq event stamp: 0
[ 0.419375][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.419805][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.420496][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.421172][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.421582][ T1] ---[ end trace 0000000000000000 ]---
[ 0.473848][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.477356][ T1] ------------[ cut here ]------------
[ 0.477571][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.478485][ T1] Modules linked in:
[ 0.478841][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.479378][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.479624][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.480155][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.480728][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.481291][ T1] sp : ffff8000864b79e0
[ 0.481514][ T1] x29: ffff8000864b79e0 x28: 12f0000006f31d50 x27: fff000007326d980
[ 0.482469][ T1] x26: 0ff0000006818848 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.483354][ T1] x23: 8df0000006f18020 x22: ffff8000862844b0 x21: 0ff0000006818840
[ 0.484240][ T1] x20: 8df0000006f18000 x19: 8df0000006f18000 x18: 0000000000001220
[ 0.485117][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.486046][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.486932][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.487809][ T1] x8 : ffff78000864b799 x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.488671][ T1] x5 : efff800000000000 x4 : ffff8000864b7970 x3 : 0000000000000000
[ 0.489536][ T1] x2 : 01ff8000864b7930 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.490424][ T1] Call trace:
[ 0.490659][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.491306][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.491848][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.492418][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.492931][ T1] schedule_hrtimeout+0x30/0x40
[ 0.493396][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.494084][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.494717][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.495202][ T1] create_worker+0x27c/0x488
[ 0.495673][ T1] workqueue_init+0x588/0x5f4
[ 0.496261][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.496795][ T1] kernel_init+0x28/0x2ac
[ 0.497291][ T1] ret_from_fork+0x10/0x20
[ 0.497821][ T1] irq event stamp: 0
[ 0.498052][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.498490][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.499180][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.499842][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.500273][ T1] ---[ end trace 0000000000000000 ]---
[ 0.560218][ T1] Running RCU Tasks wait API self tests
[ 0.560855][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.564278][ T1] ------------[ cut here ]------------
[ 0.564500][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.565378][ T1] Modules linked in:
[ 0.565748][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.566299][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.566548][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.567077][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.567652][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.568223][ T1] sp : ffff8000864b7b50
[ 0.568450][ T1] x29: ffff8000864b7b50 x28: 0000000000000000 x27: 0000000000000000
[ 0.569354][ T1] x26: 74f0000006818518 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.570270][ T1] x23: 8df0000006f18020 x22: ffff8000862844b0 x21: 74f0000006818510
[ 0.571166][ T1] x20: 8df0000006f18000 x19: 8df0000006f18000 x18: 0000000000001220
[ 0.572048][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.572932][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.573841][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.574740][ T1] x8 : ffff78000864b7b0 x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.575609][ T1] x5 : efff800000000000 x4 : ffff8000864b7ae0 x3 : 0000000000000000
[ 0.576472][ T1] x2 : 01ff8000864b7aa0 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.577328][ T1] Call trace:
[ 0.577523][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.578180][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.578724][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.579296][ T1] __wait_rcu_gp+0x1e8/0x24c
[ 0.579793][ T1] synchronize_rcu_tasks_generic+0xec/0x17c
[ 0.580379][ T1] rcu_init_tasks_generic+0x104/0x154
[ 0.580878][ T1] kernel_init_freeable+0x1e4/0x93c
[ 0.581423][ T1] kernel_init+0x28/0x2ac
[ 0.581951][ T1] ret_from_fork+0x10/0x20
[ 0.582482][ T1] irq event stamp: 0
[ 0.582695][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.583147][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.583814][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.584486][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.584906][ T1] ---[ end trace 0000000000000000 ]---
[ 0.594092][ T1] Running RCU Tasks Trace wait API self tests
[ 0.594611][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.598051][ T1] ------------[ cut here ]------------
[ 0.598280][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.599142][ T1] Modules linked in:
[ 0.599487][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.600025][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.600276][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.600792][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.601383][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.601971][ T1] sp : ffff8000864b7b30
[ 0.602213][ T1] x29: ffff8000864b7b30 x28: 0000000000000000 x27: 0000000000000000
[ 0.603115][ T1] x26: 74f0000006818518 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.603991][ T1] x23: 8df0000006f18020 x22: ffff8000862844b0 x21: 74f0000006818510
[ 0.604880][ T1] x20: 8df0000006f18000 x19: 8df0000006f18000 x18: 0000000000001220
[ 0.605786][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.606693][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.607667][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.608663][ T1] x8 : ffff78000864b7ae x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.609548][ T1] x5 : efff800000000000 x4 : ffff8000864b7ac0 x3 : 0000000000000000
[ 0.610442][ T1] x2 : 01ff8000864b7a80 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.611303][ T1] Call trace:
[ 0.611500][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.612146][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.612693][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.613266][ T1] __wait_rcu_gp+0x1e8/0x24c
[ 0.613780][ T1] synchronize_rcu_tasks_generic+0xec/0x17c
[ 0.614382][ T1] synchronize_rcu_tasks_trace+0x28/0x84
[ 0.614956][ T1] rcu_init_tasks_generic+0x12c/0x154
[ 0.615465][ T1] kernel_init_freeable+0x1e4/0x93c
[ 0.616017][ T1] kernel_init+0x28/0x2ac
[ 0.616509][ T1] ret_from_fork+0x10/0x20
[ 0.617036][ T1] irq event stamp: 0
[ 0.617247][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.617688][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.618390][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.619072][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.619486][ T1] ---[ end trace 0000000000000000 ]---
[ 0.644674][ T14] Callback from call_rcu_tasks_trace() invoked.
[ 0.648179][ T1] rcu: Hierarchical SRCU implementation.
[ 0.648638][ T1] rcu: Max phase no-delay instances is 1000.
[ 0.847195][ T1] Platform MSI: its@8080000 domain created
[ 0.852014][ T1] PCI/MSI: /intc@8000000/its@8080000 domain created
[ 0.858600][ T1] EFI services will not be available.
[ 0.878197][ T1] smp: Bringing up secondary CPUs ...
[ 0.881613][ T1] smp: Brought up 1 node, 1 CPU
[ 0.882280][ T1] SMP: Total of 1 processors activated.
[ 0.882730][ T1] CPU: All CPU(s) started at EL2
[ 0.883205][ T1] CPU features: detected: Branch Target Identification
[ 0.883738][ T1] CPU features: detected: 32-bit EL0 Support
[ 0.884147][ T1] CPU features: detected: 32-bit EL1 Support
[ 0.884544][ T1] CPU features: detected: ARMv8.4 Translation Table Level
[ 0.885047][ T1] CPU features: detected: Data cache clean to the PoU not required for I/D coherence
[ 0.888662][ T1] CPU features: detected: Common not Private translations
[ 0.889153][ T1] CPU features: detected: CRC32 instructions
[ 0.889534][ T1] CPU features: detected: Data cache clean to Point of Deep Persistence
[ 0.889967][ T1] CPU features: detected: Data cache clean to Point of Persistence
[ 0.890376][ T1] CPU features: detected: Data independent timing control (DIT)
[ 0.890758][ T1] CPU features: detected: E0PD
[ 0.891144][ T1] CPU features: detected: Enhanced Privileged Access Never
[ 0.891522][ T1] CPU features: detected: Enhanced Virtualization Traps
[ 0.891910][ T1] CPU features: detected: Fine Grained Traps
[ 0.892599][ T1] CPU features: detected: RCpc load-acquire (LDAPR)
[ 0.893144][ T1] CPU features: detected: 52-bit Virtual Addressing for KVM (LPA2)
[ 0.893562][ T1] CPU features: detected: LSE atomic instructions
[ 0.893977][ T1] CPU features: detected: Memory Copy and Memory Set instructions
[ 0.894381][ T1] CPU features: detected: Privileged Access Never
[ 0.894751][ T1] CPU features: detected: RAS Extension Support
[ 0.895136][ T1] CPU features: detected: Random Number Generator
[ 0.895512][ T1] CPU features: detected: Speculation barrier (SB)
[ 0.898553][ T1] CPU features: detected: Stage-2 Force Write-Back
[ 0.899034][ T1] CPU features: detected: Trap EL0 IMPLEMENTATION DEFINED functionality
[ 0.899442][ T1] CPU features: detected: TLB range maintenance instructions
[ 0.899983][ T1] CPU features: detected: Speculative Store Bypassing Safe (SSBS)
[ 0.934733][ T1] alternatives: applying system-wide alternatives
[ 1.047983][ T1] CPU features: detected: Hardware dirty bit management on CPU0
[ 1.094504][ T13] Callback from call_rcu_tasks() invoked.
[ 1.288334][ T1] devtmpfs: initialized
[ 2.022351][ T1] Running RCU synchronous self tests
[ 2.024103][ T1] Running RCU synchronous self tests
[ 2.031354][ T1] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 2.034263][ T1] futex hash table entries: 256 (order: 3, 32768 bytes, linear)
[ 2.694326][ T1] 7104 pages in range for non-PLT usage
[ 2.694992][ T1] 498624 pages in range for PLT usage
[ 2.730927][ T1] pinctrl core: initialized pinctrl subsystem
[ 2.816750][ T1] DMI not present or invalid.
[ 3.052579][ T1] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 3.235399][ T1] DMA: preallocated 256 KiB GFP_KERNEL pool for atomic allocations
[ 3.258432][ T1] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[ 3.302769][ T1] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[ 3.312433][ T1] audit: initializing netlink subsys (disabled)
[ 3.333577][ T24] audit: type=2000 audit(2.880:1): state=initialized audit_enabled=0 res=1
[ 3.496359][ T1] thermal_sys: Registered thermal governor 'step_wise'
[ 3.497029][ T1] thermal_sys: Registered thermal governor 'power_allocator'
[ 3.503975][ T1] cpuidle: using governor menu
[ 3.518331][ T1] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[ 3.522486][ T1] ASID allocator initialised with 65536 entries
[ 3.567999][ T1] Serial: AMBA PL011 UART driver
[ 4.727432][ T1] 9000000.pl011: ttyAMA0 at MMIO 0x9000000 (irq = 14, base_baud = 0) is a PL011 rev1
[ 4.732667][ T1] printk: legacy console [ttyAMA0] enabled
[ 5.591648][ T1] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages
[ 5.593842][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 1.00 GiB page
[ 5.607519][ T1] HugeTLB: registered 32.0 MiB page size, pre-allocated 0 pages
[ 5.609696][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 32.0 MiB page
[ 5.611877][ T1] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages
[ 5.613885][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 2.00 MiB page
[ 5.615725][ T1] HugeTLB: registered 64.0 KiB page size, pre-allocated 0 pages
[ 5.629249][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 64.0 KiB page
[ 5.790093][ T1] Demotion targets for Node 0: null
[ 6.605561][ T1] raid6: neonx8 gen() 62 MB/s
[ 6.976882][ T1] raid6: neonx4 gen() 53 MB/s
[ 7.335097][ T1] raid6: neonx2 gen() 41 MB/s
[ 7.693955][ T1] raid6: neonx1 gen() 29 MB/s
[ 8.054655][ T1] raid6: int64x8 gen() 36 MB/s
[ 8.411249][ T1] raid6: int64x4 gen() 31 MB/s
[ 8.769393][ T1] raid6: int64x2 gen() 23 MB/s
[ 9.127431][ T1] raid6: int64x1 gen() 16 MB/s
[ 9.129346][ T1] raid6: using algorithm neonx8 gen() 62 MB/s
[ 9.486300][ T1] raid6: .... xor() 35 MB/s, rmw enabled
[ 9.488380][ T1] raid6: using neon recovery algorithm
[ 9.595475][ T1] ACPI: Interpreter disabled.
[ 9.685232][ T1] iommu: Default domain type: Translated
[ 9.698774][ T1] iommu: DMA domain TLB invalidation policy: strict mode
[ 9.908599][ T1] SCSI subsystem initialized
[ 10.076958][ T1] usbcore: registered new interface driver usbfs
[ 10.097012][ T1] usbcore: registered new interface driver hub
[ 10.116485][ T1] usbcore: registered new device driver usb
[ 10.288596][ T1] pps_core: LinuxPPS API ver. 1 registered
[ 10.290578][ T1] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti
[ 10.318465][ T1] PTP clock support registered
[ 10.392324][ T1] EDAC MC: Ver: 3.0.0
[ 10.498660][ T1] scmi_core: SCMI protocol bus registered
qemu-system-aarch64: terminating on signal 15 from pid 367113 ()