[ 0.000000][ T0] Booting Linux on physical CPU 0x0000000000 [0x000f0510]
[ 0.000000][ T0] Linux version 6.10.0-rc6-syzkaller-g9dafbe7b06a9 (syzkaller@syzkaller) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #0 SMP PREEMPT now
[ 0.000000][ T0] random: crng init done
[ 0.000000][ T0] Machine model: linux,dummy-virt
[ 0.000000][ T0] efi: UEFI not found.
[ 0.000000][ T0] NUMA: No NUMA configuration found
[ 0.000000][ T0] NUMA: Faking a node at [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] NUMA: NODE_DATA [mem 0xbfc0d340-0xbfc10fff]
[ 0.000000][ T0] Zone ranges:
[ 0.000000][ T0] DMA [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] DMA32 empty
[ 0.000000][ T0] Normal empty
[ 0.000000][ T0] Device empty
[ 0.000000][ T0] Movable zone start for each node
[ 0.000000][ T0] Early memory node ranges
[ 0.000000][ T0] node 0: [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] Initmem setup node 0 [mem 0x0000000040000000-0x00000000bfffffff]
[ 0.000000][ T0] cma: Reserved 32 MiB at 0x00000000bba00000 on node -1
[ 0.000000][ T0] psci: probing for conduit method from DT.
[ 0.000000][ T0] psci: PSCIv1.1 detected in firmware.
[ 0.000000][ T0] psci: Using standard PSCI v0.2 function IDs
[ 0.000000][ T0] psci: Trusted OS migration not required
[ 0.000000][ T0] psci: SMC Calling Convention v1.0
[ 0.000000][ T0] ==================================================================
[ 0.000000][ T0] BUG: KASAN: invalid-access in setup_arch+0x794/0xa7c
[ 0.000000][ T0] Write of size 4 at addr 03ff800084947e10 by task swapper/0
[ 0.000000][ T0] Pointer tag: [03], memory tag: [fe]
[ 0.000000][ T0]
[ 0.000000][ T0] CPU: 0 PID: 0 Comm: swapper Not tainted 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.000000][ T0] Hardware name: linux,dummy-virt (DT)
[ 0.000000][ T0] Call trace:
[ 0.000000][ T0] dump_backtrace+0x128/0x214
[ 0.000000][ T0] show_stack+0x2c/0x3c
[ 0.000000][ T0] dump_stack_lvl+0x138/0x1c8
[ 0.000000][ T0] print_report+0x118/0x5ac
[ 0.000000][ T0] kasan_report+0xc8/0x108
[ 0.000000][ T0] kasan_check_range+0x94/0xb8
[ 0.000000][ T0] __hwasan_store4_noabort+0x20/0x2c
[ 0.000000][ T0] setup_arch+0x794/0xa7c
[ 0.000000][ T0] start_kernel+0xc0/0xb10
[ 0.000000][ T0] __primary_switched+0x84/0x8c
[ 0.000000][ T0]
[ 0.000000][ T0] The buggy address belongs to stack of task swapper/0
[ 0.000000][ T0]
[ 0.000000][ T0] Memory state around the buggy address:
[ 0.000000][ T0] ffff800084947c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe 00
[ 0.000000][ T0] ffff800084947d00: 00 00 00 fe fe 00 00 00 fe fe fe fe fe fe fe fe
[ 0.000000][ T0] >ffff800084947e00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ^
[ 0.000000][ T0] ffff800084947f00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ffff800084948000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 0.000000][ T0] ==================================================================
[ 0.000000][ T0] Disabling lock debugging due to kernel taint
[ 0.000000][ T0] kasan: KernelAddressSanitizer initialized (sw-tags, stacktrace=on)
[ 0.000000][ T0] percpu: Embedded 35 pages/cpu s103176 r8192 d31992 u143360
[ 0.000000][ T0] Detected PIPT I-cache on CPU0
[ 0.000000][ T0] CPU features: detected: GIC system register CPU interface
[ 0.000000][ T0] CPU features: detected: HCRX_EL2 register
[ 0.000000][ T0] CPU features: detected: 52-bit Virtual Addressing (LPA2)
[ 0.000000][ T0] CPU features: detected: Virtualization Host Extensions
[ 0.000000][ T0] CPU features: detected: Spectre-v4
[ 0.000000][ T0] alternatives: applying boot alternatives
[ 0.000000][ T0] Kernel command line: root=/dev/vda console=ttyAMA0
[ 0.000000][ T0] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[ 0.000000][ T0] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
[ 0.000000][ T0] Fallback order for Node 0: 0
[ 0.000000][ T0] Built 1 zonelists, mobility grouping on. Total pages: 524288
[ 0.000000][ T0] Policy zone: DMA
[ 0.000000][ T0] mem auto-init: stack:all(zero), heap alloc:on, heap free:off
[ 0.000000][ T0] stackdepot: allocating hash table via alloc_large_system_hash
[ 0.000000][ T0] stackdepot hash table entries: 1048576 (order: 12, 16777216 bytes, linear)
[ 0.000000][ T0] software IO TLB: SWIOTLB bounce buffer size adjusted to 2MB
[ 0.000000][ T0] software IO TLB: area num 1.
[ 0.000000][ T0] software IO TLB: mapped [mem 0x00000000b1d55000-0x00000000b1f55000] (2MB)
[ 0.000000][ T0] Memory: 1761408K/2097152K available (58944K kernel code, 4788K rwdata, 13864K rodata, 2048K init, 22780K bss, 302976K reserved, 32768K cma-reserved)
[ 0.000000][ T0] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.000000][ T0] allocated 4194304 bytes of page_ext
[ 0.000000][ T0] trace event string verifier disabled
[ 0.000000][ T0] Running RCU self tests
[ 0.000000][ T0] Running RCU synchronous self tests
[ 0.000000][ T0] rcu: Preemptible hierarchical RCU implementation.
[ 0.000000][ T0] rcu: RCU lockdep checking is enabled.
[ 0.000000][ T0] rcu: RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=1.
[ 0.000000][ T0] rcu: RCU callback double-/use-after-free debug is enabled.
[ 0.000000][ T0] rcu: RCU debug extended QS entry/exit.
[ 0.000000][ T0] Trampoline variant of Tasks RCU enabled.
[ 0.000000][ T0] Tracing variant of Tasks RCU enabled.
[ 0.000000][ T0] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[ 0.000000][ T0] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[ 0.000000][ T0] Running RCU synchronous self tests
[ 0.000000][ T0] RCU Tasks: Setting shift to 0 and lim to 1 rcu_task_cb_adjust=1.
[ 0.000000][ T0] RCU Tasks Trace: Setting shift to 0 and lim to 1 rcu_task_cb_adjust=1.
[ 0.000000][ T0] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[ 0.000000][ T0] GICv3: GIC: Using split EOI/Deactivate mode
[ 0.000000][ T0] GICv3: 256 SPIs implemented
[ 0.000000][ T0] GICv3: 0 Extended SPIs implemented
[ 0.000000][ T0] Root IRQ handler: gic_handle_irq
[ 0.000000][ T0] GICv3: GICv3 features: 16 PPIs
[ 0.000000][ T0] GICv3: GICv4 features:
[ 0.000000][ T0] GICv3: CPU0: found redistributor 0 region 0:0x00000000080a0000
[ 0.000000][ T0] ITS [mem 0x08080000-0x0809ffff]
[ 0.000000][ T0] ITS@0x0000000008080000: Single VMOVP capable
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Devices @46e20000 (indirect, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Interrupt Collections @46e30000 (flat, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] ITS@0x0000000008080000: allocated 8192 Virtual CPUs @46e40000 (indirect, esz 8, psz 64K, shr 1)
[ 0.000000][ T0] GICv3: using LPI property table @0x0000000046e50000
[ 0.000000][ T0] ITS: Allocated DevID ffff as GICv4 proxy device (2 slots)
[ 0.000000][ T0] ITS: Enabling GICv4 support
[ 0.000000][ T0] GICv3: CPU0: using allocated LPI pending table @0x0000000046e60000
[ 0.000000][ T0] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[ 0.000000][ T0] arch_timer: cp15 timer(s) running at 62.50MHz (phys).
[ 0.000000][ T0] clocksource: arch_sys_counter: mask: 0x1ffffffffffffff max_cycles: 0x1cd42e208c, max_idle_ns: 881590405314 ns
[ 0.000151][ T0] sched_clock: 57 bits at 63MHz, resolution 16ns, wraps every 4398046511096ns
[ 0.033393][ T0] Console: colour dummy device 80x25
[ 0.036168][ T0] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[ 0.036618][ T0] ... MAX_LOCKDEP_SUBCLASSES: 8
[ 0.037051][ T0] ... MAX_LOCK_DEPTH: 48
[ 0.037435][ T0] ... MAX_LOCKDEP_KEYS: 8192
[ 0.037817][ T0] ... CLASSHASH_SIZE: 4096
[ 0.038204][ T0] ... MAX_LOCKDEP_ENTRIES: 131072
[ 0.038609][ T0] ... MAX_LOCKDEP_CHAINS: 65536
[ 0.039012][ T0] ... CHAINHASH_SIZE: 32768
[ 0.039379][ T0] memory used by lock dependency info: 11817 kB
[ 0.039770][ T0] memory used for stack traces: 8320 kB
[ 0.040140][ T0] per task-struct memory footprint: 1920 bytes
[ 0.047844][ T0] Calibrating delay loop (skipped), value calculated using timer frequency.. 125.00 BogoMIPS (lpj=625000)
[ 0.049022][ T0] pid_max: default: 32768 minimum: 301
[ 0.062471][ T0] LSM: initializing lsm=lockdown,capability,landlock,yama,safesetid,tomoyo,selinux,ima,evm
[ 0.070157][ T0] landlock: Up and running.
[ 0.070598][ T0] Yama: becoming mindful.
[ 0.073459][ T0] TOMOYO Linux initialized
[ 0.076012][ T0] SELinux: Initializing.
[ 0.098532][ T0] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.099494][ T0] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
[ 0.218493][ T0] Running RCU synchronous self tests
[ 0.219447][ T0] Running RCU synchronous self tests
[ 0.284788][ T1] cacheinfo: Unable to detect cache hierarchy for CPU 0
[ 0.316620][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.321455][ T1] ------------[ cut here ]------------
[ 0.321821][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.322855][ T1] Modules linked in:
[ 0.323540][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.324118][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.324633][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.325260][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.325909][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.326525][ T1] sp : ffff8000864b79f0
[ 0.326826][ T1] x29: ffff8000864b79f0 x28: f3f0000006f1d7d0 x27: fff000007326d980
[ 0.327928][ T1] x26: 34f0000006818b48 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.328853][ T1] x23: 28f0000006f18020 x22: ffff8000862844b0 x21: 34f0000006818b40
[ 0.329763][ T1] x20: 28f0000006f18000 x19: 28f0000006f18000 x18: 0000000000001220
[ 0.330684][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.331594][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.332505][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.333494][ T1] x8 : ffff78000864b79a x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.334387][ T1] x5 : efff800000000000 x4 : ffff8000864b7980 x3 : 0000000000000000
[ 0.335301][ T1] x2 : 01ff8000864b7940 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.336248][ T1] Call trace:
[ 0.336487][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.337159][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.337723][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.338298][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.338871][ T1] schedule_hrtimeout+0x30/0x40
[ 0.339350][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.340028][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.340677][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.341170][ T1] init_rescuer+0x278/0x2ec
[ 0.341656][ T1] workqueue_init+0x270/0x5f4
[ 0.342294][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.342913][ T1] kernel_init+0x28/0x2ac
[ 0.343420][ T1] ret_from_fork+0x10/0x20
[ 0.344032][ T1] irq event stamp: 0
[ 0.344284][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.345258][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.346028][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.346805][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.347277][ T1] ---[ end trace 0000000000000000 ]---
[ 0.398956][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.402456][ T1] ------------[ cut here ]------------
[ 0.402695][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.403595][ T1] Modules linked in:
[ 0.403979][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.404508][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.404779][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.405312][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.405919][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.406501][ T1] sp : ffff8000864b79f0
[ 0.406760][ T1] x29: ffff8000864b79f0 x28: 4df0000006f2ba90 x27: fff000007326d980
[ 0.407705][ T1] x26: c9f0000006818cf8 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.408599][ T1] x23: 28f0000006f18020 x22: ffff8000862844b0 x21: c9f0000006818cf0
[ 0.409507][ T1] x20: 28f0000006f18000 x19: 28f0000006f18000 x18: 0000000000001220
[ 0.410410][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.411359][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.412281][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.413190][ T1] x8 : ffff78000864b79a x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.414071][ T1] x5 : efff800000000000 x4 : ffff8000864b7980 x3 : 0000000000000000
[ 0.414981][ T1] x2 : 01ff8000864b7940 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.415859][ T1] Call trace:
[ 0.416059][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.416704][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.417268][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.417851][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.418370][ T1] schedule_hrtimeout+0x30/0x40
[ 0.418882][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.419543][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.420198][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.420684][ T1] init_rescuer+0x248/0x2ec
[ 0.421167][ T1] workqueue_init+0x270/0x5f4
[ 0.421764][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.422316][ T1] kernel_init+0x28/0x2ac
[ 0.422872][ T1] ret_from_fork+0x10/0x20
[ 0.423406][ T1] irq event stamp: 0
[ 0.423622][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.424091][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.424792][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.425511][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.425967][ T1] ---[ end trace 0000000000000000 ]---
[ 0.476854][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.480380][ T1] ------------[ cut here ]------------
[ 0.480614][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.481518][ T1] Modules linked in:
[ 0.481899][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.482428][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.482717][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.483263][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.483871][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.484431][ T1] sp : ffff8000864b79e0
[ 0.484670][ T1] x29: ffff8000864b79e0 x28: abf0000006f31d50 x27: fff000007326d980
[ 0.485601][ T1] x26: 34f0000006818848 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.486532][ T1] x23: 28f0000006f18020 x22: ffff8000862844b0 x21: 34f0000006818840
[ 0.487454][ T1] x20: 28f0000006f18000 x19: 28f0000006f18000 x18: 0000000000001220
[ 0.488360][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.489272][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.490181][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.491122][ T1] x8 : ffff78000864b799 x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.492010][ T1] x5 : efff800000000000 x4 : ffff8000864b7970 x3 : 0000000000000000
[ 0.492892][ T1] x2 : 01ff8000864b7930 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.493768][ T1] Call trace:
[ 0.493972][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.494623][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.495208][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.495790][ T1] schedule_hrtimeout_range_clock+0x10c/0x334
[ 0.496321][ T1] schedule_hrtimeout+0x30/0x40
[ 0.496815][ T1] wait_task_inactive+0x4b0/0x4d0
[ 0.497477][ T1] __kthread_bind_mask+0x30/0xbc
[ 0.498133][ T1] kthread_bind_mask+0x2c/0x3c
[ 0.498636][ T1] create_worker+0x27c/0x488
[ 0.499139][ T1] workqueue_init+0x588/0x5f4
[ 0.499734][ T1] kernel_init_freeable+0x1dc/0x93c
[ 0.500290][ T1] kernel_init+0x28/0x2ac
[ 0.500798][ T1] ret_from_fork+0x10/0x20
[ 0.501321][ T1] irq event stamp: 0
[ 0.501535][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.502002][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.502712][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.503403][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.503847][ T1] ---[ end trace 0000000000000000 ]---
[ 0.564330][ T1] Running RCU Tasks wait API self tests
[ 0.565007][ T1] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.568424][ T1] ------------[ cut here ]------------
[ 0.568661][ T1] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.569576][ T1] Modules linked in:
[ 0.569964][ T1] CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.570522][ T1] Hardware name: linux,dummy-virt (DT)
[ 0.570813][ T1] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.571354][ T1] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.571961][ T1] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.572516][ T1] sp : ffff8000864b7b50
[ 0.572765][ T1] x29: ffff8000864b7b50 x28: 0000000000000000 x27: 0000000000000000
[ 0.573726][ T1] x26: 37f0000006818518 x25: 0000000000000000 x24: ffff8000863025d8
[ 0.574669][ T1] x23: 28f0000006f18020 x22: ffff8000862844b0 x21: 37f0000006818510
[ 0.575590][ T1] x20: 28f0000006f18000 x19: 28f0000006f18000 x18: 0000000000001220
[ 0.576503][ T1] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.577422][ T1] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.578335][ T1] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.579275][ T1] x8 : ffff78000864b7b0 x7 : 0000000000000000 x6 : fffe8000006f1800
[ 0.580173][ T1] x5 : efff800000000000 x4 : ffff8000864b7ae0 x3 : 0000000000000000
[ 0.581060][ T1] x2 : 01ff8000864b7aa0 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.581941][ T1] Call trace:
[ 0.582140][ T1] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.582815][ T1] __debug_object_init+0x1f8/0x2b0
[ 0.583379][ T1] debug_object_init_on_stack+0x24/0x30
[ 0.583972][ T1] __wait_rcu_gp+0x1e8/0x24c
[ 0.584486][ T1] synchronize_rcu_tasks_generic+0xec/0x17c
[ 0.585088][ T1] rcu_init_tasks_generic+0x104/0x154
[ 0.585590][ T1] kernel_init_freeable+0x1e4/0x93c
[ 0.586166][ T1] kernel_init+0x28/0x2ac
[ 0.586699][ T1] ret_from_fork+0x10/0x20
[ 0.587250][ T1] irq event stamp: 0
[ 0.587470][ T1] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.587931][ T1] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.588608][ T1] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.589296][ T1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.589727][ T1] ---[ end trace 0000000000000000 ]---
[ 0.602273][ T13] ODEBUG: object (____ptrval____) is NOT on stack (____ptrval____), but annotated.
[ 0.605763][ T13] ------------[ cut here ]------------
[ 0.605977][ T13] WARNING: CPU: 0 PID: 13 at lib/debugobjects.c:557 lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.606880][ T13] Modules linked in:
[ 0.607234][ T13] CPU: 0 PID: 13 Comm: rcu_tasks_kthre Tainted: G B W 6.10.0-rc6-syzkaller-g9dafbe7b06a9 #0
[ 0.607800][ T13] Hardware name: linux,dummy-virt (DT)
[ 0.608054][ T13] pstate: 600000c9 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 0.608579][ T13] pc : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.609177][ T13] lr : lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.609733][ T13] sp : ffff800086577bf0
[ 0.609972][ T13] x29: ffff800086577bf0 x28: 0000000000000000 x27: 0000000000000000
[ 0.610925][ T13] x26: 37f0000006818518 x25: 0000000000000000 x24: ffff800086363928
[ 0.611847][ T13] x23: d0f0000006f38020 x22: ffff8000862844b0 x21: 37f0000006818510
[ 0.612762][ T13] x20: d0f0000006f38000 x19: d0f0000006f38000 x18: 0000000000001220
[ 0.613657][ T13] x17: 295f5f5f5f6c6176 x16: 7274705f5f5f5f28 x15: 206b63617473206e
[ 0.614587][ T13] x14: 6f20544f4e207369 x13: 2e64657461746f6e x12: 6e6120747562202c
[ 0.615515][ T13] x11: 295f5f5f5f6c6176 x10: 7274705f5f5f5f28 x9 : 20295f5f5f5f6c61
[ 0.616438][ T13] x8 : ffff7800086577ba x7 : 0000000000000000 x6 : fffe8000006f3800
[ 0.617367][ T13] x5 : efff800000000000 x4 : ffff800086577b80 x3 : 0000000000000000
[ 0.618254][ T13] x2 : 01ff800086577b40 x1 : 0000000000000000 x0 : 0000000000000050
[ 0.619183][ T13] Call trace:
[ 0.619386][ T13] lookup_object_or_alloc.part.0+0x1c8/0x478
[ 0.620032][ T13] __debug_object_init+0x1f8/0x2b0
[ 0.620579][ T13] debug_object_init_on_stack+0x24/0x30
[ 0.621153][ T13] schedule_timeout+0xe4/0x1f8
[ 0.621805][ T13] schedule_timeout_idle+0x4c/0x5c
[ 0.622274][ T13] rcu_tasks_kthread+0x134/0x138
[ 0.622869][ T13] kthread+0x1d4/0x1e8
[ 0.623479][ T13] ret_from_fork+0x10/0x20
[ 0.624026][ T13] irq event stamp: 0
[ 0.624243][ T13] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 0.624692][ T13] hardirqs last disabled at (0): [] copy_process+0xda0/0x36a4
[ 0.625365][ T13] softirqs last enabled at (0): [] copy_process+0xda0/0x36a4
[ 0.626037][ T13] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 0.626489][ T13] ---[ end trace 0000000000000000 ]---
[ 0.628232][ T1] Running RCU Tasks Trace wait API self tests
[ 0.651679][ T14] Callback from call_rcu_tasks_trace() invoked.
[ 0.655691][ T1] rcu: Hierarchical SRCU implementation.
[ 0.656187][ T1] rcu: Max phase no-delay instances is 1000.
[ 0.869059][ T1] Platform MSI: its@8080000 domain created
[ 0.874872][ T1] PCI/MSI: /intc@8000000/its@8080000 domain created
[ 0.878737][ T1] EFI services will not be available.
[ 0.907147][ T1] smp: Bringing up secondary CPUs ...
[ 0.910679][ T1] smp: Brought up 1 node, 1 CPU
[ 0.911376][ T1] SMP: Total of 1 processors activated.
[ 0.911873][ T1] CPU: All CPU(s) started at EL2
[ 0.912348][ T1] CPU features: detected: Branch Target Identification
[ 0.912870][ T1] CPU features: detected: 32-bit EL0 Support
[ 0.913254][ T1] CPU features: detected: 32-bit EL1 Support
[ 0.913654][ T1] CPU features: detected: ARMv8.4 Translation Table Level
[ 0.915565][ T1] CPU features: detected: Data cache clean to the PoU not required for I/D coherence
[ 0.916201][ T1] CPU features: detected: Common not Private translations
[ 0.916615][ T1] CPU features: detected: CRC32 instructions
[ 0.917017][ T1] CPU features: detected: Data cache clean to Point of Deep Persistence
[ 0.917411][ T1] CPU features: detected: Data cache clean to Point of Persistence
[ 0.917808][ T1] CPU features: detected: Data independent timing control (DIT)
[ 0.918202][ T1] CPU features: detected: E0PD
[ 0.918608][ T1] CPU features: detected: Enhanced Privileged Access Never
[ 0.919035][ T1] CPU features: detected: Enhanced Virtualization Traps
[ 0.919440][ T1] CPU features: detected: Fine Grained Traps
[ 0.920185][ T1] CPU features: detected: RCpc load-acquire (LDAPR)
[ 0.920728][ T1] CPU features: detected: 52-bit Virtual Addressing for KVM (LPA2)
[ 0.921156][ T1] CPU features: detected: LSE atomic instructions
[ 0.921539][ T1] CPU features: detected: Memory Copy and Memory Set instructions
[ 0.921951][ T1] CPU features: detected: Privileged Access Never
[ 0.922327][ T1] CPU features: detected: RAS Extension Support
[ 0.922743][ T1] CPU features: detected: Random Number Generator
[ 0.923134][ T1] CPU features: detected: Speculation barrier (SB)
[ 0.923506][ T1] CPU features: detected: Stage-2 Force Write-Back
[ 0.923912][ T1] CPU features: detected: Trap EL0 IMPLEMENTATION DEFINED functionality
[ 0.924312][ T1] CPU features: detected: TLB range maintenance instructions
[ 0.927073][ T1] CPU features: detected: Speculative Store Bypassing Safe (SSBS)
[ 0.970104][ T1] alternatives: applying system-wide alternatives
[ 1.084268][ T1] CPU features: detected: Hardware dirty bit management on CPU0
[ 1.109174][ T13] Callback from call_rcu_tasks() invoked.
[ 1.319085][ T1] devtmpfs: initialized
[ 2.040230][ T1] Running RCU synchronous self tests
[ 2.041935][ T1] Running RCU synchronous self tests
[ 2.047717][ T1] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 2.052719][ T1] futex hash table entries: 256 (order: 3, 32768 bytes, linear)
[ 2.707537][ T1] 7104 pages in range for non-PLT usage
[ 2.708216][ T1] 498624 pages in range for PLT usage
[ 2.743183][ T1] pinctrl core: initialized pinctrl subsystem
[ 2.828900][ T1] DMI not present or invalid.
[ 3.065451][ T1] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 3.243858][ T1] DMA: preallocated 256 KiB GFP_KERNEL pool for atomic allocations
[ 3.267097][ T1] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations
[ 3.310627][ T1] DMA: preallocated 256 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations
[ 3.320325][ T1] audit: initializing netlink subsys (disabled)
[ 3.341114][ T24] audit: type=2000 audit(2.880:1): state=initialized audit_enabled=0 res=1
[ 3.505486][ T1] thermal_sys: Registered thermal governor 'step_wise'
[ 3.506140][ T1] thermal_sys: Registered thermal governor 'power_allocator'
[ 3.512866][ T1] cpuidle: using governor menu
[ 3.527696][ T1] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[ 3.531768][ T1] ASID allocator initialised with 65536 entries
[ 3.577401][ T1] Serial: AMBA PL011 UART driver
[ 4.730301][ T1] 9000000.pl011: ttyAMA0 at MMIO 0x9000000 (irq = 14, base_baud = 0) is a PL011 rev1
[ 4.735549][ T1] printk: legacy console [ttyAMA0] enabled
[ 5.587947][ T1] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages
[ 5.590043][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 1.00 GiB page
[ 5.592322][ T1] HugeTLB: registered 32.0 MiB page size, pre-allocated 0 pages
[ 5.594361][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 32.0 MiB page
[ 5.607884][ T1] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages
[ 5.609961][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 2.00 MiB page
[ 5.612096][ T1] HugeTLB: registered 64.0 KiB page size, pre-allocated 0 pages
[ 5.614075][ T1] HugeTLB: 0 KiB vmemmap can be freed for a 64.0 KiB page
[ 5.789630][ T1] Demotion targets for Node 0: null
[ 6.596305][ T1] raid6: neonx8 gen() 63 MB/s
[ 6.963260][ T1] raid6: neonx4 gen() 53 MB/s
[ 7.315374][ T1] raid6: neonx2 gen() 41 MB/s
[ 7.675451][ T1] raid6: neonx1 gen() 29 MB/s
[ 8.045338][ T1] raid6: int64x8 gen() 36 MB/s
[ 8.404201][ T1] raid6: int64x4 gen() 31 MB/s
[ 8.763063][ T1] raid6: int64x2 gen() 23 MB/s
[ 9.122217][ T1] raid6: int64x1 gen() 16 MB/s
[ 9.124098][ T1] raid6: using algorithm neonx8 gen() 63 MB/s
[ 9.482381][ T1] raid6: .... xor() 35 MB/s, rmw enabled
[ 9.484351][ T1] raid6: using neon recovery algorithm
[ 9.590660][ T1] ACPI: Interpreter disabled.
[ 9.675486][ T1] iommu: Default domain type: Translated
[ 9.677356][ T1] iommu: DMA domain TLB invalidation policy: strict mode
[ 9.898753][ T1] SCSI subsystem initialized
[ 10.067907][ T1] usbcore: registered new interface driver usbfs
[ 10.076126][ T1] usbcore: registered new interface driver hub
[ 10.094627][ T1] usbcore: registered new device driver usb
[ 10.265304][ T1] pps_core: LinuxPPS API ver. 1 registered
[ 10.267219][ T1] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti
[ 10.295155][ T1] PTP clock support registered
[ 10.361496][ T1] EDAC MC: Ver: 3.0.0
[ 10.464944][ T1] scmi_core: SCMI protocol bus registered
[ 10.696575][ T1] Advanced Linux Sound Architecture Driver Initialized.
[ 11.043123][ T1] NetLabel: Initializing
[ 11.044702][ T1] NetLabel: domain hash size = 128
[ 11.057841][ T1] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
[ 11.084427][ T1] NetLabel: unlabeled traffic allowed by default
[ 11.132813][ T1] nfc: nfc_init: NFC Core ver 0.1
[ 11.156306][ T1] NET: Registered PF_NFC protocol family
[ 11.200343][ T1] vgaarb: loaded
[ 11.241259][ T1] clocksource: Switched to clocksource arch_sys_counter
[ 11.410640][ T1] VFS: Disk quotas dquot_6.6.0
[ 11.416243][ T1] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 11.680780][ T1] TOMOYO: 2.6.0
[ 11.682277][ T1] Mandatory Access Control activated.
[ 11.720973][ T1] pnp: PnP ACPI: disabled
[ 14.182577][ T1] NET: Registered PF_INET protocol family
[ 14.206776][ T1] IP idents hash table entries: 32768 (order: 6, 262144 bytes, linear)
[ 14.445079][ T1] tcp_listen_portaddr_hash hash table entries: 1024 (order: 4, 73728 bytes, linear)
[ 14.481498][ T1] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear)
[ 14.485102][ T1] TCP established hash table entries: 16384 (order: 5, 131072 bytes, linear)
[ 14.680255][ T1] TCP bind hash table entries: 16384 (order: 9, 2359296 bytes, linear)
[ 14.803568][ T1] TCP: Hash tables configured (established 16384 bind 16384)
[ 14.862732][ T1] MPTCP token hash table entries: 2048 (order: 5, 180224 bytes, linear)
[ 14.888094][ T1] UDP hash table entries: 1024 (order: 5, 163840 bytes, linear)
[ 14.920724][ T1] UDP-Lite hash table entries: 1024 (order: 5, 163840 bytes, linear)
[ 14.968193][ T1] NET: Registered PF_UNIX/PF_LOCAL protocol family
[ 14.984347][ T1] NET: Registered PF_XDP protocol family
[ 14.986992][ T1] PCI: CLS 0 bytes, default 64
[ 16.756850][ T1] kvm [1]: nv: 529 coarse grained trap handlers
[ 16.896772][ T1] kvm [1]: nv: 669 fine grained trap handlers
[ 17.011154][ T1] kvm [1]: IPA Size Limit: 52 bits
[ 17.015322][ T1] kvm [1]: GICv4 support disabled
[ 17.017165][ T1] kvm [1]: GICv3: no GICV resource entry
[ 17.032022][ T1] kvm [1]: disabling GICv2 emulation
[ 17.034892][ T1] kvm [1]: GIC system register CPU interface enabled
[ 17.051319][ T1] kvm [1]: vgic interrupt IRQ9
[ 17.056962][ T1] kvm [1]: VHE mode initialized successfully
[ 17.807224][ T1] Initialise system trusted keyrings
[ 17.891385][ T1] workingset: timestamp_bits=42 max_order=19 bucket_order=0
[ 18.178559][ T1] DLM installed
[ 18.462128][ T1] fuse: init (API version 7.40)
[ 22.376471][ T1] NET: Registered PF_ALG protocol family
[ 22.381941][ T1] xor: measuring software checksum speed
[ 22.678492][ T1] 8regs : 33 MB/sec
[ 22.976384][ T1] 32regs : 33 MB/sec
[ 23.282420][ T1] arm64_neon : 32 MB/sec
[ 23.284341][ T1] xor: using function: 32regs (33 MB/sec)
[ 23.287222][ T1] async_tx: api initialized (async)
[ 23.290275][ T1] Key type asymmetric registered
[ 23.292259][ T1] Asymmetric key parser 'x509' registered
[ 23.294135][ T1] Asymmetric key parser 'pkcs8' registered
[ 23.295903][ T1] Key type pkcs7_test registered
[ 23.312755][ T1] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 242)
[ 23.338001][ T1] io scheduler mq-deadline registered
[ 23.345024][ T1] io scheduler kyber registered
[ 23.353481][ T1] io scheduler bfq registered
[ 23.888041][ T1] pl061_gpio 9030000.pl061: PL061 GPIO chip registered
[ 24.295306][ T1] pci-host-generic 4010000000.pcie: host bridge /pcie@10000000 ranges:
[ 24.304896][ T1] pci-host-generic 4010000000.pcie: IO 0x003eff0000..0x003effffff -> 0x0000000000
[ 24.315552][ T1] pci-host-generic 4010000000.pcie: MEM 0x0010000000..0x003efeffff -> 0x0010000000
[ 24.321994][ T1] pci-host-generic 4010000000.pcie: MEM 0x8000000000..0xffffffffff -> 0x8000000000
[ 24.332598][ T1] pci-host-generic 4010000000.pcie: Memory resource size exceeds max for 32 bits
[ 25.369979][ T1] pci-host-generic 4010000000.pcie: ECAM at [mem 0x4010000000-0x401fffffff] for [bus 00-ff]
[ 25.400682][ T1] pci-host-generic 4010000000.pcie: PCI host bridge to bus 0000:00
[ 25.404242][ T1] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 25.406502][ T1] pci_bus 0000:00: root bus resource [io 0x0000-0xffff]
[ 25.420563][ T1] pci_bus 0000:00: root bus resource [mem 0x10000000-0x3efeffff]
[ 25.423089][ T1] pci_bus 0000:00: root bus resource [mem 0x8000000000-0xffffffffff]
[ 25.434223][ T1] pci 0000:00:00.0: [1b36:0008] type 00 class 0x060000 conventional PCI endpoint
[ 25.495121][ T1] pci 0000:00:01.0: [1af4:1005] type 00 class 0x00ff00 conventional PCI endpoint
[ 25.507166][ T1] pci 0000:00:01.0: BAR 0 [io 0x0000-0x001f]
[ 25.512671][ T1] pci 0000:00:01.0: BAR 1 [mem 0x00000000-0x00000fff]
[ 25.516217][ T1] pci 0000:00:01.0: BAR 4 [mem 0x00000000-0x00003fff 64bit pref]
[ 25.564209][ T1] pci 0000:00:02.0: [1af4:1000] type 00 class 0x020000 conventional PCI endpoint
[ 25.567791][ T1] pci 0000:00:02.0: BAR 0 [io 0x0000-0x001f]
[ 25.581914][ T1] pci 0000:00:02.0: BAR 1 [mem 0x00000000-0x00000fff]
[ 25.585633][ T1] pci 0000:00:02.0: BAR 4 [mem 0x00000000-0x00003fff 64bit pref]
[ 25.588423][ T1] pci 0000:00:02.0: ROM [mem 0x00000000-0x0003ffff pref]
[ 25.634704][ T1] pci 0000:00:03.0: [1af4:1001] type 00 class 0x010000 conventional PCI endpoint
[ 25.637955][ T1] pci 0000:00:03.0: BAR 0 [io 0x0000-0x007f]
[ 25.652153][ T1] pci 0000:00:03.0: BAR 1 [mem 0x00000000-0x00000fff]
[ 25.655623][ T1] pci 0000:00:03.0: BAR 4 [mem 0x00000000-0x00003fff 64bit pref]
[ 25.748339][ T1] pci 0000:00:02.0: ROM [mem 0x10000000-0x1003ffff pref]: assigned
[ 25.753757][ T1] pci 0000:00:01.0: BAR 4 [mem 0x8000000000-0x8000003fff 64bit pref]: assigned
[ 25.757449][ T1] pci 0000:00:02.0: BAR 4 [mem 0x8000004000-0x8000007fff 64bit pref]: assigned
[ 25.763560][ T1] pci 0000:00:03.0: BAR 4 [mem 0x8000008000-0x800000bfff 64bit pref]: assigned
[ 25.766781][ T1] pci 0000:00:01.0: BAR 1 [mem 0x10040000-0x10040fff]: assigned
[ 25.771622][ T1] pci 0000:00:02.0: BAR 1 [mem 0x10041000-0x10041fff]: assigned
[ 25.774160][ T1] pci 0000:00:03.0: BAR 1 [mem 0x10042000-0x10042fff]: assigned
[ 25.776443][ T1] pci 0000:00:03.0: BAR 0 [io 0x1000-0x107f]: assigned
[ 25.779787][ T1] pci 0000:00:01.0: BAR 0 [io 0x1080-0x109f]: assigned
[ 25.782149][ T1] pci 0000:00:02.0: BAR 0 [io 0x10a0-0x10bf]: assigned
[ 25.875102][ T1] IPMI message handler: version 39.2
[ 25.896038][ T1] ipmi device interface
[ 25.947653][ T1] ipmi_si: IPMI System Interface driver
[ 26.093397][ T1] ipmi_si: Unable to find any System Interface(s)
[ 27.672558][ T1] virtio-pci 0000:00:01.0: enabling device (0000 -> 0003)
[ 27.768068][ T1] virtio-pci 0000:00:02.0: enabling device (0000 -> 0003)
[ 27.866182][ T1] virtio-pci 0000:00:03.0: enabling device (0000 -> 0003)
qemu-system-aarch64: terminating on signal 15 from pid 367364 (killall)