Warning: Permanently added '10.128.0.209' (ECDSA) to the list of known hosts. [ 29.501769] IPVS: ftp: loaded support on port[0] = 21 [ 29.572646] chnl_net:caif_netlink_parms(): no params data found [ 29.652105] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.658962] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.667133] device bridge_slave_0 entered promiscuous mode [ 29.673851] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.680472] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.687649] device bridge_slave_1 entered promiscuous mode [ 29.703638] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 29.712197] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 29.729614] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 29.736743] team0: Port device team_slave_0 added [ 29.742102] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 29.749380] team0: Port device team_slave_1 added [ 29.763359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 29.769645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.795581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 29.806826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 29.813060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 29.839092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 29.852868] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 29.860882] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 29.879225] device hsr_slave_0 entered promiscuous mode [ 29.884772] device hsr_slave_1 entered promiscuous mode [ 29.891204] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 29.898714] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 29.956355] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.962745] bridge0: port 2(bridge_slave_1) entered forwarding state [ 29.969571] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.975962] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.002780] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 30.009776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 30.018718] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 30.026826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.034621] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.043051] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.052228] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 30.059050] 8021q: adding VLAN 0 to HW filter on device team0 [ 30.067643] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.075148] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.081524] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.090701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.098392] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.104801] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.120507] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 30.128393] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 30.141468] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 30.151918] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 30.163219] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 30.170482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 30.178846] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 30.186941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 30.196993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 30.208782] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 30.216212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 30.223038] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 30.233013] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 30.282790] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 30.291903] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 30.320402] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 30.327577] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 30.333956] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 30.343479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 30.351653] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 30.358970] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 30.368362] device veth0_vlan entered promiscuous mode [ 30.377378] device veth1_vlan entered promiscuous mode [ 30.383311] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 30.391610] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 30.403737] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 30.412754] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 30.420152] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 30.427482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 30.436762] device veth0_macvtap entered promiscuous mode [ 30.442720] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 30.451849] device veth1_macvtap entered promiscuous mode [ 30.460248] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 30.469258] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 30.479452] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 30.486682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.494701] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 30.504371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 30.511308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 30.575272] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 30.616517] ODEBUG: free active (active state 0) object type: rcu_head hint: (null) [ 30.626116] ------------[ cut here ]------------ [ 30.630849] WARNING: CPU: 0 PID: 7 at lib/debugobjects.c:287 debug_print_object.cold+0xa7/0xdb [ 30.639568] Kernel panic - not syncing: panic_on_warn set ... [ 30.639568] [ 30.646903] CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.302-syzkaller #0 [ 30.654148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 30.663474] Call Trace: [ 30.666037] dump_stack+0x1b2/0x281 [ 30.669640] panic+0x1f9/0x42d [ 30.672814] ? add_taint.cold+0x16/0x16 [ 30.676761] ? debug_print_object.cold+0xa7/0xdb [ 30.681492] ? debug_print_object.cold+0xa7/0xdb [ 30.686219] __warn.cold+0x20/0x44 [ 30.689735] ? ist_end_non_atomic+0x10/0x10 [ 30.694030] ? debug_print_object.cold+0xa7/0xdb [ 30.698757] report_bug+0x208/0x250 [ 30.702359] do_error_trap+0x195/0x2d0 [ 30.706223] ? math_error+0x2d0/0x2d0 [ 30.710001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.714819] invalid_op+0x1b/0x40 [ 30.718257] RIP: 0010:debug_print_object.cold+0xa7/0xdb [ 30.723590] RSP: 0018:ffff8880b5417bc0 EFLAGS: 00010086 [ 30.728925] RAX: 0000000000000051 RBX: 0000000000000003 RCX: 0000000000000000 [ 30.736170] RDX: 0000000000000100 RSI: ffffffff878bd020 RDI: ffffed1016a82f6e [ 30.743412] RBP: ffffffff878b2140 R08: 0000000000000051 R09: 0000000000000000 [ 30.750794] R10: 0000000000000000 R11: ffff8880b54081c0 R12: 0000000000000000 [ 30.758040] R13: 0000000000000000 R14: ffff8880b0770040 R15: ffff8880b28ebf18 [ 30.765294] debug_check_no_obj_freed+0x3b7/0x680 [ 30.770111] ? debug_object_deactivate+0x1da/0x2e0 [ 30.775014] ? debug_object_activate+0x490/0x490 [ 30.779742] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 30.785167] kfree+0xb9/0x250 [ 30.788246] __tcindex_destroy+0x2e/0x70 [ 30.792279] ? __tcindex_partial_destroy+0x50/0x50 [ 30.797181] rcu_process_callbacks+0x780/0x1180 [ 30.801823] ? note_gp_changes+0x2f0/0x2f0 [ 30.806029] ? sched_clock+0x2a/0x40 [ 30.809714] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 30.815141] __do_softirq+0x24d/0x9ff [ 30.818934] ? __local_bh_enable_ip+0x170/0x170 [ 30.823575] run_ksoftirqd+0x50/0x1a0 [ 30.827785] smpboot_thread_fn+0x5c1/0x920 [ 30.831994] ? sort_range+0x30/0x30 [ 30.835613] ? sort_range+0x30/0x30 [ 30.839213] kthread+0x30d/0x420 [ 30.842552] ? kthread_create_on_node+0xd0/0xd0 [ 30.847194] ret_from_fork+0x24/0x30 [ 30.850882] [ 30.850884] ====================================================== [ 30.850886] WARNING: possible circular locking dependency detected [ 30.850887] 4.14.302-syzkaller #0 Not tainted [ 30.850889] ------------------------------------------------------ [ 30.850890] ksoftirqd/0/7 is trying to acquire lock: [ 30.850891] ((console_sem).lock){..-.}, at: [] down_trylock+0xe/0x60 [ 30.850895] [ 30.850896] but task is already holding lock: [ 30.850897] (&obj_hash[i].lock){-.-.}, at: [] debug_check_no_obj_freed+0x135/0x680 [ 30.850901] [ 30.850903] which lock already depends on the new lock. [ 30.850903] [ 30.850904] [ 30.850906] the existing dependency chain (in reverse order) is: [ 30.850906] [ 30.850907] -> #5 (&obj_hash[i].lock){-.-.}: [ 30.850911] _raw_spin_lock_irqsave+0x8c/0xc0 [ 30.850913] debug_object_activate+0x10f/0x490 [ 30.850914] enqueue_hrtimer+0x22/0x3b0 [ 30.850915] hrtimer_start_range_ns+0x4a0/0x10b0 [ 30.850917] schedule_hrtimeout_range_clock+0x144/0x320 [ 30.850918] wait_task_inactive+0x469/0x520 [ 30.850920] __kthread_bind_mask+0x1f/0xb0 [ 30.850921] create_worker+0x437/0x6c0 [ 30.850922] workqueue_init+0x4ef/0x756 [ 30.850923] kernel_init_freeable+0x3ac/0x626 [ 30.850925] kernel_init+0xd/0x15d [ 30.850926] ret_from_fork+0x24/0x30 [ 30.850927] [ 30.850927] -> #4 (hrtimer_bases.lock){-.-.}: [ 30.850931] _raw_spin_lock_irqsave+0x8c/0xc0 [ 30.850933] hrtimer_start_range_ns+0x77/0x10b0 [ 30.850934] enqueue_task_rt+0x584/0xf30 [ 30.850936] __sched_setscheduler.constprop.0+0xe73/0x2640 [ 30.850937] sched_setscheduler+0xfa/0x150 [ 30.850938] watchdog_enable+0x11b/0x170 [ 30.850939] smpboot_thread_fn+0x40d/0x920 [ 30.850941] kthread+0x30d/0x420 [ 30.850942] ret_from_fork+0x24/0x30 [ 30.850942] [ 30.850943] -> #3 (&rt_b->rt_runtime_lock){-.-.}: [ 30.850947] _raw_spin_lock+0x2a/0x40 [ 30.850948] enqueue_task_rt+0x514/0xf30 [ 30.850950] __sched_setscheduler.constprop.0+0xe73/0x2640 [ 30.850951] sched_setscheduler+0xfa/0x150 [ 30.850953] watchdog_enable+0x11b/0x170 [ 30.850954] smpboot_thread_fn+0x40d/0x920 [ 30.850955] kthread+0x30d/0x420 [ 30.850956] ret_from_fork+0x24/0x30 [ 30.850957] [ 30.850957] -> #2 (&rq->lock){-.-.}: [ 30.850961] _raw_spin_lock+0x2a/0x40 [ 30.850963] task_fork_fair+0x63/0x550 [ 30.850964] sched_fork+0x39a/0xb60 [ 30.850965] copy_process.part.0+0x15b2/0x71c0 [ 30.850966] _do_fork+0x184/0xc80 [ 30.850968] kernel_thread+0x2f/0x40 [ 30.850969] rest_init+0x1f/0x2a3 [ 30.850970] start_kernel+0x743/0x763 [ 30.850971] secondary_startup_64+0xa5/0xb0 [ 30.850972] [ 30.850972] -> #1 (&p->pi_lock){-.-.}: [ 30.850977] _raw_spin_lock_irqsave+0x8c/0xc0 [ 30.850978] try_to_wake_up+0x6a/0x1100 [ 30.850979] up+0x75/0xb0 [ 30.850980] __up_console_sem+0xa9/0x1b0 [ 30.850981] console_unlock+0x531/0xf20 [ 30.850983] do_con_write+0xb2f/0x19b0 [ 30.850984] con_write+0x21/0xa0 [ 30.850985] n_tty_write+0x352/0xda0 [ 30.850986] tty_write+0x410/0x740 [ 30.850987] __vfs_write+0xe4/0x630 [ 30.850988] vfs_write+0x17f/0x4d0 [ 30.850989] SyS_write+0xf2/0x210 [ 30.850991] do_syscall_64+0x1d5/0x640 [ 30.850992] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 30.850993] [ 30.850993] -> #0 ((console_sem).lock){..-.}: [ 30.850997] lock_acquire+0x170/0x3f0 [ 30.850999] _raw_spin_lock_irqsave+0x8c/0xc0 [ 30.851000] down_trylock+0xe/0x60 [ 30.851001] __down_trylock_console_sem+0x97/0x1e0 [ 30.851003] vprintk_emit+0x1ee/0x620 [ 30.851004] vprintk_func+0x58/0x160 [ 30.851005] printk+0x9e/0xbc [ 30.851006] debug_print_object.cold+0xa7/0xdb [ 30.851008] debug_check_no_obj_freed+0x3b7/0x680 [ 30.851009] kfree+0xb9/0x250 [ 30.851010] __tcindex_destroy+0x2e/0x70 [ 30.851011] rcu_process_callbacks+0x780/0x1180 [ 30.851013] __do_softirq+0x24d/0x9ff [ 30.851014] run_ksoftirqd+0x50/0x1a0 [ 30.851015] smpboot_thread_fn+0x5c1/0x920 [ 30.851016] kthread+0x30d/0x420 [ 30.851017] ret_from_fork+0x24/0x30 [ 30.851018] [ 30.851019] other info that might help us debug this: [ 30.851020] [ 30.851021] Chain exists of: [ 30.851021] (console_sem).lock --> hrtimer_bases.lock --> &obj_hash[i].lock [ 30.851027] [ 30.851028] Possible unsafe locking scenario: [ 30.851029] [ 30.851030] CPU0 CPU1 [ 30.851031] ---- ---- [ 30.851032] lock(&obj_hash[i].lock); [ 30.851035] lock(hrtimer_bases.lock); [ 30.851037] lock(&obj_hash[i].lock); [ 30.851040] lock((console_sem).lock); [ 30.851042] [ 30.851043] *** DEADLOCK *** [ 30.851044] [ 30.851045] 2 locks held by ksoftirqd/0/7: [ 30.851045] #0: (rcu_callback){....}, at: [] rcu_process_callbacks+0x84e/0x1180 [ 30.851050] #1: (&obj_hash[i].lock){-.-.}, at: [] debug_check_no_obj_freed+0x135/0x680 [ 30.851054] [ 30.851055] stack backtrace: [ 30.851057] CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.302-syzkaller #0 [ 30.851060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 30.851061] Call Trace: [ 30.851062] dump_stack+0x1b2/0x281 [ 30.851063] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 30.851065] __lock_acquire+0x2e0e/0x3f20 [ 30.851066] ? pointer+0x31f/0x9e0 [ 30.851067] ? trace_hardirqs_on+0x10/0x10 [ 30.851068] ? format_decode+0x1cb/0x890 [ 30.851069] ? __lock_acquire+0x2190/0x3f20 [ 30.851071] ? check_preemption_disabled+0x35/0x240 [ 30.851072] ? kvm_clock_read+0x1f/0x30 [ 30.851073] ? kvm_sched_clock_read+0x5/0x10 [ 30.851074] ? sched_clock+0x2a/0x40 [ 30.851076] ? sched_clock_cpu+0x18/0x1b0 [ 30.851077] lock_acquire+0x170/0x3f0 [ 30.851078] ? down_trylock+0xe/0x60 [ 30.851079] ? vprintk_func+0x58/0x160 [ 30.851080] _raw_spin_lock_irqsave+0x8c/0xc0 [ 30.851081] ? down_trylock+0xe/0x60 [ 30.851083] down_trylock+0xe/0x60 [ 30.851084] ? vprintk_func+0x58/0x160 [ 30.851085] ? vprintk_func+0x58/0x160 [ 30.851086] __down_trylock_console_sem+0x97/0x1e0 [ 30.851087] vprintk_emit+0x1ee/0x620 [ 30.851088] vprintk_func+0x58/0x160 [ 30.851090] printk+0x9e/0xbc [ 30.851091] ? log_store.cold+0x16/0x16 [ 30.851092] ? lock_acquire+0x170/0x3f0 [ 30.851093] ? debug_check_no_obj_freed+0x135/0x680 [ 30.851095] debug_print_object.cold+0xa7/0xdb [ 30.851096] debug_check_no_obj_freed+0x3b7/0x680 [ 30.851097] ? debug_object_deactivate+0x1da/0x2e0 [ 30.851099] ? debug_object_activate+0x490/0x490 [ 30.851100] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 30.851101] kfree+0xb9/0x250 [ 30.851102] __tcindex_destroy+0x2e/0x70 [ 30.851104] ? __tcindex_partial_destroy+0x50/0x50 [ 30.851105] rcu_process_callbacks+0x780/0x1180 [ 30.851106] ? note_gp_changes+0x2f0/0x2f0 [ 30.851107] ? sched_clock+0x2a/0x40 [ 30.851109] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 30.851110] __do_softirq+0x24d/0x9ff [ 30.851111] ? __local_bh_enable_ip+0x170/0x170 [ 30.851113] run_ksoftirqd+0x50/0x1a0 [ 30.851114] smpboot_thread_fn+0x5c1/0x920 [ 30.851115] ? sort_range+0x30/0x30 [ 30.851116] ? sort_range+0x30/0x30 [ 30.851117] kthread+0x30d/0x420 [ 30.851118] ? kthread_create_on_node+0xd0/0xd0 [ 30.851120] ret_from_fork+0x24/0x30 [ 31.940668] Shutting down cpus with NMI [ 32.676257] Kernel Offset: disabled [ 32.679866] Rebooting in 86400 seconds..