======================================================
WARNING: possible circular locking dependency detected
4.20.0-rc7+ #384 Not tainted
------------------------------------------------------
kworker/1:4/13892 is trying to acquire lock:
00000000b08ec7b8 (&mdev->req_queue_mutex){+.+.}, at: v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455

but task is already holding lock:
00000000e7828efb ((delayed_fput_work).work){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #3 ((delayed_fput_work).work){+.+.}:
       process_one_work+0xc0a/0x1c40 kernel/workqueue.c:2129
       worker_thread+0x17f/0x1390 kernel/workqueue.c:2296
       kthread+0x35a/0x440 kernel/kthread.c:246
       ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352

-> #2 ((wq_completion)"events"){+.+.}:
       flush_workqueue+0x30a/0x1e10 kernel/workqueue.c:2655
       flush_scheduled_work include/linux/workqueue.h:599 [inline]
       vim2m_stop_streaming+0x7c/0x2c0 drivers/media/platform/vim2m.c:811
       __vb2_queue_cancel+0x14f/0xd50 drivers/media/common/videobuf2/videobuf2-core.c:1843
       vb2_core_queue_release+0x26/0x80 drivers/media/common/videobuf2/videobuf2-core.c:2255
       vb2_queue_release+0x15/0x20 drivers/media/common/videobuf2/videobuf2-v4l2.c:842
       v4l2_m2m_ctx_release+0x2a/0x35 drivers/media/v4l2-core/v4l2-mem2mem.c:931
       vim2m_release+0xe6/0x150 drivers/media/platform/vim2m.c:977
       v4l2_release+0x224/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:456
       __fput+0x385/0xa30 fs/file_table.c:278
       ____fput+0x15/0x20 fs/file_table.c:309
       task_work_run+0x1e8/0x2a0 kernel/task_work.c:113
       tracehook_notify_resume include/linux/tracehook.h:188 [inline]
       exit_to_usermode_loop+0x318/0x380 arch/x86/entry/common.c:166
       prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
       syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
       do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #1 (&dev->dev_mutex){+.+.}:
       __mutex_lock_common kernel/locking/mutex.c:925 [inline]
       __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
       vim2m_release+0xbc/0x150 drivers/media/platform/vim2m.c:976
       v4l2_release+0x224/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:456
       __fput+0x385/0xa30 fs/file_table.c:278
       ____fput+0x15/0x20 fs/file_table.c:309
       task_work_run+0x1e8/0x2a0 kernel/task_work.c:113
       tracehook_notify_resume include/linux/tracehook.h:188 [inline]
       exit_to_usermode_loop+0x318/0x380 arch/x86/entry/common.c:166
       prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
       syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
       do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293
       entry_SYSCALL_64_after_hwframe+0x49/0xbe

-> #0 (&mdev->req_queue_mutex){+.+.}:
       lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844
       __mutex_lock_common kernel/locking/mutex.c:925 [inline]
       __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
       v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455
       __fput+0x385/0xa30 fs/file_table.c:278
       delayed_fput+0x55/0x80 fs/file_table.c:304
       process_one_work+0xc90/0x1c40 kernel/workqueue.c:2153
       worker_thread+0x17f/0x1390 kernel/workqueue.c:2296
       kthread+0x35a/0x440 kernel/kthread.c:246
       ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352

other info that might help us debug this:

Chain exists of:
  &mdev->req_queue_mutex --> (wq_completion)"events" --> (delayed_fput_work).work

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock((delayed_fput_work).work);
                               lock((wq_completion)"events");
                               lock((delayed_fput_work).work);
  lock(&mdev->req_queue_mutex);

 *** DEADLOCK ***

2 locks held by kworker/1:4/13892:
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:218 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline]
 #0: 000000008cf61ae2 ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124
 #1: 00000000e7828efb ((delayed_fput_work).work){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128

stack backtrace:
CPU: 1 PID: 13892 Comm: kworker/1:4 Not tainted 4.20.0-rc7+ #384
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events delayed_fput
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113
 print_circular_bug.isra.33.cold.54+0x1bd/0x27d kernel/locking/lockdep.c:1221
 check_prev_add kernel/locking/lockdep.c:1863 [inline]
 check_prevs_add kernel/locking/lockdep.c:1976 [inline]
 validate_chain kernel/locking/lockdep.c:2347 [inline]
 __lock_acquire+0x3360/0x4c20 kernel/locking/lockdep.c:3341
 lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844
 __mutex_lock_common kernel/locking/mutex.c:925 [inline]
 __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
 v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455
 __fput+0x385/0xa30 fs/file_table.c:278
 delayed_fput+0x55/0x80 fs/file_table.c:304
 process_one_work+0xc90/0x1c40 kernel/workqueue.c:2153
 worker_thread+0x17f/0x1390 kernel/workqueue.c:2296
 kthread+0x35a/0x440 kernel/kthread.c:246
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 19566 Comm: syz-executor3 Not tainted 4.20.0-rc7+ #384
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149
 __should_failslab+0x124/0x180 mm/failslab.c:32
 should_failslab+0x9/0x14 mm/slab_common.c:1578
 slab_pre_alloc_hook mm/slab.h:423 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 __do_kmalloc mm/slab.c:3720 [inline]
 __kmalloc_track_caller+0x2d1/0x760 mm/slab.c:3737
 memdup_user+0x2c/0xa0 mm/util.c:153
 ioctl_file_dedupe_range fs/ioctl.c:606 [inline]
 do_vfs_ioctl+0xef9/0x1790 fs/ioctl.c:692
 ksys_ioctl+0xa9/0xd0 fs/ioctl.c:713
 __do_sys_ioctl fs/ioctl.c:720 [inline]
 __se_sys_ioctl fs/ioctl.c:718 [inline]
 __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:718
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457669
Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f2025db4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f2025db4c90 RCX: 0000000000457669
RDX: 0000000020000080 RSI: 00000000c0189436 RDI: 0000000000000003
RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2025db56d4
R13: 00000000004bf8d0 R14: 00000000004d0768 R15: 0000000000000004