syzkaller login: [ 210.625895][ T1833] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 210.692621][ T1833] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 210.757808][ T1833] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 210.800964][ T1833] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:62476' (ECDSA) to the list of known hosts. 1970/01/01 00:04:07 fuzzer started 1970/01/01 00:04:17 dialing manager at localhost:36749 [ 262.497557][ T2000] cgroup: Unknown subsys name 'net' [ 263.318444][ T2000] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:04:23 syscalls: 2796 1970/01/01 00:04:23 code coverage: enabled 1970/01/01 00:04:23 comparison tracing: enabled 1970/01/01 00:04:23 extra coverage: enabled 1970/01/01 00:04:23 setuid sandbox: enabled 1970/01/01 00:04:23 namespace sandbox: enabled 1970/01/01 00:04:23 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:04:23 fault injection: enabled 1970/01/01 00:04:23 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:04:23 net packet injection: enabled 1970/01/01 00:04:23 net device setup: enabled 1970/01/01 00:04:23 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:04:23 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:04:23 USB emulation: enabled 1970/01/01 00:04:23 hci packet injection: /dev/vhci does not exist 1970/01/01 00:04:23 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:04:23 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:04:27 fetching corpus: 50, signal 32692/34532 (executing program) 1970/01/01 00:04:30 fetching corpus: 100, signal 58791/62295 (executing program) 1970/01/01 00:04:32 fetching corpus: 150, signal 73557/78638 (executing program) 1970/01/01 00:04:34 fetching corpus: 200, signal 79018/85716 (executing program) 1970/01/01 00:04:36 fetching corpus: 250, signal 87529/95725 (executing program) 1970/01/01 00:04:38 fetching corpus: 300, signal 96705/106284 (executing program) 1970/01/01 00:04:41 fetching corpus: 350, signal 102528/113561 (executing program) 1970/01/01 00:04:44 fetching corpus: 400, signal 109877/122233 (executing program) 1970/01/01 00:04:46 fetching corpus: 450, signal 114827/128572 (executing program) 1970/01/01 00:04:49 fetching corpus: 500, signal 122567/137564 (executing program) 1970/01/01 00:04:51 fetching corpus: 550, signal 127882/144058 (executing program) 1970/01/01 00:04:53 fetching corpus: 600, signal 131450/148929 (executing program) 1970/01/01 00:04:56 fetching corpus: 650, signal 134500/153259 (executing program) 1970/01/01 00:04:58 fetching corpus: 700, signal 140615/160494 (executing program) 1970/01/01 00:05:01 fetching corpus: 750, signal 143147/164290 (executing program) 1970/01/01 00:05:03 fetching corpus: 800, signal 148273/170513 (executing program) 1970/01/01 00:05:04 fetching corpus: 850, signal 152385/175707 (executing program) 1970/01/01 00:05:06 fetching corpus: 900, signal 155054/179572 (executing program) 1970/01/01 00:05:08 fetching corpus: 950, signal 158276/183901 (executing program) 1970/01/01 00:05:10 fetching corpus: 999, signal 161439/188161 (executing program) 1970/01/01 00:05:12 fetching corpus: 1049, signal 163457/191344 (executing program) 1970/01/01 00:05:13 fetching corpus: 1099, signal 165169/194259 (executing program) 1970/01/01 00:05:15 fetching corpus: 1149, signal 168120/198229 (executing program) 1970/01/01 00:05:18 fetching corpus: 1199, signal 170823/201961 (executing program) 1970/01/01 00:05:19 fetching corpus: 1249, signal 174547/206591 (executing program) 1970/01/01 00:05:22 fetching corpus: 1299, signal 176936/210038 (executing program) 1970/01/01 00:05:24 fetching corpus: 1349, signal 178205/212430 (executing program) 1970/01/01 00:05:28 fetching corpus: 1399, signal 180131/215364 (executing program) 1970/01/01 00:05:30 fetching corpus: 1449, signal 183122/219275 (executing program) 1970/01/01 00:05:31 fetching corpus: 1499, signal 186830/223809 (executing program) 1970/01/01 00:05:34 fetching corpus: 1549, signal 189633/227488 (executing program) 1970/01/01 00:05:36 fetching corpus: 1599, signal 192903/231554 (executing program) 1970/01/01 00:05:38 fetching corpus: 1649, signal 200334/239187 (executing program) 1970/01/01 00:05:39 fetching corpus: 1699, signal 201619/241473 (executing program) 1970/01/01 00:05:42 fetching corpus: 1749, signal 203865/244558 (executing program) 1970/01/01 00:05:44 fetching corpus: 1799, signal 205323/247021 (executing program) 1970/01/01 00:05:46 fetching corpus: 1849, signal 206789/249369 (executing program) 1970/01/01 00:05:48 fetching corpus: 1899, signal 208267/251765 (executing program) 1970/01/01 00:05:49 fetching corpus: 1949, signal 210532/254825 (executing program) 1970/01/01 00:05:52 fetching corpus: 1999, signal 213035/258072 (executing program) 1970/01/01 00:05:54 fetching corpus: 2049, signal 215662/261387 (executing program) 1970/01/01 00:05:56 fetching corpus: 2099, signal 217149/263752 (executing program) [ 897.217718][ C0] INFO: timekeeping: Cycle offset (5285439199) is larger than the 'riscv_clocksource' clock's 50% safety margin (4952755080) [ 897.218252][ C0] timekeeping: Your kernel is still fine, but is feeling a bit nervous [ 897.241123][ C1] ------------[ cut here ]------------ [ 897.243996][ C1] WARNING: CPU: 1 PID: 1992 at kernel/rcu/tree_stall.h:921 rcu_check_gp_start_stall.part.0+0x51e/0x7ce [ 897.246346][ C1] Modules linked in: [ 897.247556][ C1] CPU: 1 PID: 1992 Comm: syz-fuzzer Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0 [ 897.248968][ C1] Hardware name: riscv-virtio,qemu (DT) [ 897.250231][ C1] epc : rcu_check_gp_start_stall.part.0+0x51e/0x7ce [ 897.251492][ C1] ra : rcu_check_gp_start_stall.part.0+0x512/0x7ce [ 897.252832][ C1] epc : ffffffff801073b4 ra : ffffffff801073a8 sp : ffffffe009a53830 [ 897.254192][ C1] gp : ffffffff83f9a558 tp : ffffffe00d1caf80 t0 : ffffffe009a53518 [ 897.255988][ C1] t1 : ffffffc7f07f3cc2 t2 : 0000000020c7b1e5 s0 : ffffffe009a53870 [ 897.257916][ C1] s1 : 0000000000005dd0 a0 : 0000000000000001 a1 : 0000000000000004 [ 897.258977][ C1] a2 : 0000000000000001 a3 : ffffffff801073a8 a4 : 0000000000000000 [ 897.260050][ C1] a5 : 0000000000000000 a6 : ffffffff83f9e610 a7 : ffffffff83f9e613 [ 897.261942][ C1] s2 : ffffffff83d2b840 s3 : ffffffff83d2b840 s4 : ffffffff83c0b540 [ 897.262930][ C1] s5 : 0000000000000022 s6 : ffffffff83f9e610 s7 : ffffffe00d1caf80 [ 897.263916][ C1] s8 : 0000000000000001 s9 : 0000000000000002 s10: ffffffe05adf5858 [ 897.265384][ C1] s11: ffffffff85302728 t3 : e199e4b33a9e0200 t4 : ffffffc7f07f3cc2 [ 897.266365][ C1] t5 : ffffffc7f07f3cc3 t6 : 0000000000000005 [ 897.267212][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 897.268214][ C1] [] rcu_check_gp_start_stall.part.0+0x51e/0x7ce [ 897.269522][ C1] [] rcu_core+0x3ae/0xe14 [ 897.270381][ C1] [] rcu_core_si+0xc/0x14 [ 897.271492][ C1] [] __do_softirq+0x264/0x8dc [ 897.272769][ C1] [] __irq_exit_rcu+0x142/0x1f8 [ 897.274234][ C1] [] irq_exit+0x10/0x7a [ 897.275647][ C1] [] handle_domain_irq+0x106/0x178 [ 897.277378][ C1] [] riscv_intc_irq+0x80/0xca [ 897.278270][ C1] [] ret_from_exception+0x0/0x14 [ 897.279184][ C1] [] _raw_write_unlock_irq+0x2a/0x76 [ 897.280736][ C1] irq event stamp: 47419 [ 897.281421][ C1] hardirqs last enabled at (47418): [] rcu_core+0xbd2/0xe14 [ 897.283171][ C1] hardirqs last disabled at (47419): [] _raw_spin_lock_irqsave+0x60/0x62 [ 897.285363][ C1] softirqs last enabled at (47132): [] __do_softirq+0x5f8/0x8dc [ 897.287157][ C1] softirqs last disabled at (47349): [] __irq_exit_rcu+0x142/0x1f8 [ 897.288288][ C1] ---[ end trace e5ad0dc1dad64711 ]--- [ 897.290431][ C1] rcu: rcu_preempt: wait state: RCU_GP_WAIT_GPS(1) ->state: 0x0 ->rt_priority 0 delta ->gp_start 54523 ->gp_activity 54521 ->gp_req_activity 52861 ->gp_wake_time 52861 ->gp_wake_seq 20372 ->gp_seq 20372 ->gp_seq_needed 20376 ->gp_max 21 ->gp_flags 0x1 [ 897.292646][ C1] rcu: rcu_node 0:1 ->gp_seq 20372 ->gp_seq_needed 20376 ->qsmask 0x0 .... ->n_boosts 0 [ 897.294428][ C1] rcu: RCU callbacks invoked since boot: 21694 [ 897.295545][ C1] rcu_tasks: RTGS_WAIT_CBS(11) since 89574 g:2 i:0/0 k. [ 897.297153][ C1] rcu_tasks_trace: RTGS_WAIT_CBS(11) since 89606 g:2 i:0/0 k. N0 h:0/0/0 1970/01/01 00:14:56 Manager.Poll call failed: read tcp 127.0.0.1:52692->127.0.0.1:36749: i/o timeout VM DIAGNOSIS: 13:16:32 Registers: info registers vcpu 0 pc ffffffff800daf60 mhartid 0000000000000000 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff80005050 mepc ffffffff8000ef2c sepc ffffffff803eb3ea mcause 0000000000000009 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff800daf50 x2/sp ffffffff83c03160 x3/gp ffffffff83f9a558 x4/tp ffffffff83c39800 x5/t0 ffffffff83c02ed8 x6/t1 ffffffc40b5bb321 x7/t2 0000000000000000 x8/s0 ffffffff83c03220 x9/s1 ffffffff82e27880 x10/a0 ffffffff83c3a1ac x11/a1 0000000000000007 x12/a2 1ffffffff0787435 x13/a3 ffffffff800daf50 x14/a4 0000000000000000 x15/a5 0000000000000120 x16/a6 ffffffff800919a6 x17/a7 e199e4b33a9e0200 x18/s2 ffffffff85302728 x19/s3 0000000000000000 x20/s4 0000000000000001 x21/s5 0000000000000000 x22/s6 ffffffe00c9b5028 x23/s7 0000000000000000 x24/s8 0000000000000000 x25/s9 ffffffff800919a6 x26/s10 ffffffff83f9e0d0 x27/s11 ffffffff83c3a800 x28/t3 e199e4b33a9e0200 x29/t4 ffffffc40b5bb321 x30/t5 ffffffc40b5bb322 x31/t6 ffffffff83c02ff8 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff800050bc mhartid 0000000000000001 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff80005050 mepc ffffffff803f1788 sepc ffffffff82be479c mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff82be4798 x2/sp ffffffe009a53ae0 x3/gp ffffffff83f9a558 x4/tp ffffffe00d1caf80 x5/t0 0000000000046000 x6/t1 ffffffc40b5beb21 x7/t2 0000000000000000 x8/s0 ffffffe009a53c00 x9/s1 0000000000000120 x10/a0 0000000000000001 x11/a1 00000000000f0000 x12/a2 0000000000000002 x13/a3 ffffffff82bd7c00 x14/a4 ffffffe00d1cbf80 x15/a5 000000000000b8f1 x16/a6 0000000000f00000 x17/a7 ffffffe05adf590b x18/s2 ffffffff82be479c x19/s3 0000000000000000 x20/s4 8000000000000005 x21/s5 ffffffe00d1cb464 x22/s6 ffffffe0057e0000 x23/s7 ffffffe00d1cb418 x24/s8 0000000000000001 x25/s9 ffffffe009a53c68 x26/s10 00000000400004d8 x27/s11 ffffffe009a53e30 x28/t3 e199e4b33a9e0200 x29/t4 ffffffc40b5beb21 x30/t5 ffffffc40b5beb22 x31/t6 0000000000081678 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 4120000000000000 f3/ft3 40d5f73a25ac490c f4/ft4 4129ee2000000000 f5/ft5 4037c1404eadf384 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000