BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:34 in_atomic(): 1, irqs_disabled(): 0, pid: 14691, name: syz-executor3 2 locks held by syz-executor3/14691: #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000f011d9d0>] pfkey_sendmsg+0x4ce/0xa00 net/key/af_key.c:3647 #1: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] spin_lock_bh include/linux/spinlock.h:315 [inline] #1: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] xfrm_policy_flush+0x424/0x770 net/xfrm/xfrm_policy.c:951 CPU: 1 PID: 14691 Comm: syz-executor3 Not tainted 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6060 __might_sleep+0x95/0x190 kernel/sched/core.c:6013 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:34 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x1c/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] xfrm_policy_cache_flush+0x1d0/0x710 net/xfrm/xfrm_policy.c:1767 xfrm_policy_flush+0x650/0x770 net/xfrm/xfrm_policy.c:978 pfkey_spdflush+0x98/0x370 net/key/af_key.c:2750 pfkey_process+0x611/0x720 net/key/af_key.c:2809 pfkey_sendmsg+0x4dc/0xa00 net/key/af_key.c:3648 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007fb9f9e46c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452cf9 RDX: 0000000000000000 RSI: 00000000208bb000 RDI: 0000000000000013 RBP: 0000000000000595 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6698 R13: 00000000ffffffff R14: 00007fb9f9e476d4 R15: 0000000000000000 ===================================================== WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected 4.15.0-rc7+ #187 Tainted: G W ----------------------------------------------------- syz-executor3/14691 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: (cpu_hotplug_lock.rw_sem){++++}, at: [<00000000c2eaf214>] get_online_cpus include/linux/cpu.h:117 [inline] (cpu_hotplug_lock.rw_sem){++++}, at: [<00000000c2eaf214>] xfrm_policy_cache_flush+0x1d0/0x710 net/xfrm/xfrm_policy.c:1767 and this task is already holding: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] spin_lock_bh include/linux/spinlock.h:315 [inline] (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] xfrm_policy_flush+0x424/0x770 net/xfrm/xfrm_policy.c:951 which would create a new lock dependency: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...} -> (cpu_hotplug_lock.rw_sem){++++} but this new dependency connects a SOFTIRQ-irq-safe lock: (slock-AF_INET){+.-.} ... which became SOFTIRQ-irq-safe at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:310 [inline] sk_clone_lock+0x4a8/0x1630 net/core/sock.c:1670 inet_csk_clone_lock+0x91/0x4c0 net/ipv4/inet_connection_sock.c:781 tcp_create_openreq_child+0x9b/0x1b70 net/ipv4/tcp_minisocks.c:450 tcp_v4_syn_recv_sock+0x119/0x1260 net/ipv4/tcp_ipv4.c:1350 tcp_check_req+0xe68/0x15e0 net/ipv4/tcp_minisocks.c:781 tcp_v4_rcv+0x1624/0x2ea0 net/ipv4/tcp_ipv4.c:1696 ip_local_deliver_finish+0x2f1/0xc50 net/ipv4/ip_input.c:216 NF_HOOK include/linux/netfilter.h:288 [inline] ip_local_deliver+0x1ce/0x6e0 net/ipv4/ip_input.c:257 dst_input include/net/dst.h:449 [inline] ip_rcv_finish+0x953/0x1e30 net/ipv4/ip_input.c:397 NF_HOOK include/linux/netfilter.h:288 [inline] ip_rcv+0xc5a/0x1840 net/ipv4/ip_input.c:493 __netif_receive_skb_core+0x1a41/0x3460 net/core/dev.c:4538 __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4603 netif_receive_skb_internal+0x10b/0x670 net/core/dev.c:4677 napi_skb_finish net/core/dev.c:5039 [inline] napi_gro_receive+0x3d0/0x500 net/core/dev.c:5070 receive_buf+0xb6e/0x2530 drivers/net/virtio_net.c:892 virtnet_receive drivers/net/virtio_net.c:1137 [inline] virtnet_poll+0x359/0xbc0 drivers/net/virtio_net.c:1219 napi_poll net/core/dev.c:5681 [inline] net_rx_action+0x792/0x1910 net/core/dev.c:5747 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:365 [inline] irq_exit+0x1cc/0x200 kernel/softirq.c:405 exiting_irq arch/x86/include/asm/apic.h:540 [inline] do_IRQ+0xeb/0x190 arch/x86/kernel/irq.c:241 ret_from_intr+0x0/0x1e rep_nop arch/x86/include/asm/processor.h:651 [inline] cpu_relax arch/x86/include/asm/processor.h:656 [inline] csd_lock_wait kernel/smp.c:108 [inline] smp_call_function_single+0x364/0x560 kernel/smp.c:302 smp_call_function_many+0x773/0x930 kernel/smp.c:434 smp_call_function kernel/smp.c:492 [inline] on_each_cpu+0x3d/0x1b0 kernel/smp.c:602 text_poke_bp+0xbb/0x170 arch/x86/kernel/alternative.c:807 __jump_label_transform.isra.0+0x6a5/0x8a0 arch/x86/kernel/jump_label.c:102 arch_jump_label_transform+0x2f/0x40 arch/x86/kernel/jump_label.c:110 __jump_label_update+0x207/0x2d0 kernel/jump_label.c:368 jump_label_update+0x22c/0x2b0 kernel/jump_label.c:735 static_key_disable_cpuslocked+0x227/0x2a0 kernel/jump_label.c:170 static_key_disable+0x1a/0x30 kernel/jump_label.c:178 once_deferred+0x5c/0x90 lib/once.c:18 process_one_work+0xbbf/0x1b10 kernel/workqueue.c:2112 worker_thread+0x223/0x1990 kernel/workqueue.c:2246 kthread+0x33c/0x400 kernel/kthread.c:238 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 to a SOFTIRQ-irq-unsafe lock: (cpu_hotplug_lock.rw_sem){++++} ... which became SOFTIRQ-irq-unsafe at: ... lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 down_write+0x87/0x120 kernel/locking/rwsem.c:70 percpu_down_write+0xa3/0x500 kernel/locking/percpu-rwsem.c:145 cpus_write_lock kernel/cpu.c:305 [inline] _cpu_up+0x60/0x510 kernel/cpu.c:990 do_cpu_up+0x73/0xa0 kernel/cpu.c:1066 cpu_up+0x18/0x20 kernel/cpu.c:1074 smp_init+0x13a/0x152 kernel/smp.c:578 kernel_init_freeable+0x2fe/0x521 init/main.c:1067 kernel_init+0x13/0x172 init/main.c:999 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 other info that might help us debug this: Chain exists of: slock-AF_INET --> &(&net->xfrm.xfrm_policy_lock)->rlock --> cpu_hotplug_lock.rw_sem Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(cpu_hotplug_lock.rw_sem); local_irq_disable(); lock(slock-AF_INET); lock(&(&net->xfrm.xfrm_policy_lock)->rlock); lock(slock-AF_INET); *** DEADLOCK *** 2 locks held by syz-executor3/14691: #0: (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: [<00000000f011d9d0>] pfkey_sendmsg+0x4ce/0xa00 net/key/af_key.c:3647 #1: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] spin_lock_bh include/linux/spinlock.h:315 [inline] #1: (&(&net->xfrm.xfrm_policy_lock)->rlock){+...}, at: [<0000000080682f4e>] xfrm_policy_flush+0x424/0x770 net/xfrm/xfrm_policy.c:951 the dependencies between SOFTIRQ-irq-safe lock and the holding lock: -> (slock-AF_INET){+.-.} ops: 144172 { HARDIRQ-ON-W at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168 spin_lock_bh include/linux/spinlock.h:315 [inline] lock_sock_nested+0x44/0x110 net/core/sock.c:2772 lock_sock include/net/sock.h:1463 [inline] sock_setsockopt+0x16b/0x1af0 net/core/sock.c:717 SYSC_setsockopt net/socket.c:1819 [inline] SyS_setsockopt+0x2ff/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x23/0x9a IN-SOFTIRQ-W at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:310 [inline] sk_clone_lock+0x4a8/0x1630 net/core/sock.c:1670 inet_csk_clone_lock+0x91/0x4c0 net/ipv4/inet_connection_sock.c:781 tcp_create_openreq_child+0x9b/0x1b70 net/ipv4/tcp_minisocks.c:450 tcp_v4_syn_recv_sock+0x119/0x1260 net/ipv4/tcp_ipv4.c:1350 tcp_check_req+0xe68/0x15e0 net/ipv4/tcp_minisocks.c:781 tcp_v4_rcv+0x1624/0x2ea0 net/ipv4/tcp_ipv4.c:1696 ip_local_deliver_finish+0x2f1/0xc50 net/ipv4/ip_input.c:216 NF_HOOK include/linux/netfilter.h:288 [inline] ip_local_deliver+0x1ce/0x6e0 net/ipv4/ip_input.c:257 dst_input include/net/dst.h:449 [inline] ip_rcv_finish+0x953/0x1e30 net/ipv4/ip_input.c:397 NF_HOOK include/linux/netfilter.h:288 [inline] ip_rcv+0xc5a/0x1840 net/ipv4/ip_input.c:493 __netif_receive_skb_core+0x1a41/0x3460 net/core/dev.c:4538 __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4603 netif_receive_skb_internal+0x10b/0x670 net/core/dev.c:4677 napi_skb_finish net/core/dev.c:5039 [inline] napi_gro_receive+0x3d0/0x500 net/core/dev.c:5070 receive_buf+0xb6e/0x2530 drivers/net/virtio_net.c:892 virtnet_receive drivers/net/virtio_net.c:1137 [inline] virtnet_poll+0x359/0xbc0 drivers/net/virtio_net.c:1219 napi_poll net/core/dev.c:5681 [inline] net_rx_action+0x792/0x1910 net/core/dev.c:5747 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:365 [inline] irq_exit+0x1cc/0x200 kernel/softirq.c:405 exiting_irq arch/x86/include/asm/apic.h:540 [inline] do_IRQ+0xeb/0x190 arch/x86/kernel/irq.c:241 ret_from_intr+0x0/0x1e rep_nop arch/x86/include/asm/processor.h:651 [inline] cpu_relax arch/x86/include/asm/processor.h:656 [inline] csd_lock_wait kernel/smp.c:108 [inline] smp_call_function_single+0x364/0x560 kernel/smp.c:302 smp_call_function_many+0x773/0x930 kernel/smp.c:434 smp_call_function kernel/smp.c:492 [inline] on_each_cpu+0x3d/0x1b0 kernel/smp.c:602 text_poke_bp+0xbb/0x170 arch/x86/kernel/alternative.c:807 __jump_label_transform.isra.0+0x6a5/0x8a0 arch/x86/kernel/jump_label.c:102 arch_jump_label_transform+0x2f/0x40 arch/x86/kernel/jump_label.c:110 __jump_label_update+0x207/0x2d0 kernel/jump_label.c:368 jump_label_update+0x22c/0x2b0 kernel/jump_label.c:735 static_key_disable_cpuslocked+0x227/0x2a0 kernel/jump_label.c:170 static_key_disable+0x1a/0x30 kernel/jump_label.c:178 once_deferred+0x5c/0x90 lib/once.c:18 process_one_work+0xbbf/0x1b10 kernel/workqueue.c:2112 worker_thread+0x223/0x1990 kernel/workqueue.c:2246 kthread+0x33c/0x400 kernel/kthread.c:238 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 INITIAL USE at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168 spin_lock_bh include/linux/spinlock.h:315 [inline] lock_sock_nested+0x44/0x110 net/core/sock.c:2772 lock_sock include/net/sock.h:1463 [inline] sock_setsockopt+0x16b/0x1af0 net/core/sock.c:717 SYSC_setsockopt net/socket.c:1819 [inline] SyS_setsockopt+0x2ff/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x23/0x9a } ... key at: [<0000000018d849b6>] af_family_slock_keys+0x10/0x180 ... acquired at: __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168 spin_lock_bh include/linux/spinlock.h:315 [inline] xfrm_policy_delete+0x3e/0x90 net/xfrm/xfrm_policy.c:1247 xfrm_sk_free_policy include/net/xfrm.h:1256 [inline] inet_csk_destroy_sock+0x320/0x3f0 net/ipv4/inet_connection_sock.c:836 tcp_close+0x8ad/0xfc0 net/ipv4/tcp.c:2312 inet_release+0xed/0x1c0 net/ipv4/af_inet.c:427 sock_release+0x8d/0x1e0 net/socket.c:595 sock_close+0x16/0x20 net/socket.c:1123 __fput+0x327/0x7e0 fs/file_table.c:210 ____fput+0x15/0x20 fs/file_table.c:244 task_work_run+0x199/0x270 kernel/task_work.c:113 exit_task_work include/linux/task_work.h:22 [inline] do_exit+0x9bb/0x1ad0 kernel/exit.c:865 do_group_exit+0x149/0x400 kernel/exit.c:968 get_signal+0x73f/0x16c0 kernel/signal.c:2335 do_signal+0x90/0x1eb0 arch/x86/kernel/signal.c:809 exit_to_usermode_loop+0x214/0x310 arch/x86/entry/common.c:158 prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] syscall_return_slowpath+0x490/0x550 arch/x86/entry/common.c:264 entry_SYSCALL_64_fastpath+0x98/0x9a -> (&(&net->xfrm.xfrm_policy_lock)->rlock){+...} ops: 674 { HARDIRQ-ON-W at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168 spin_lock_bh include/linux/spinlock.h:315 [inline] xfrm_policy_bysel_ctx+0x73/0x530 net/xfrm/xfrm_policy.c:809 xfrm_add_pol_expire+0x84d/0xae0 net/xfrm/xfrm_user.c:2115 xfrm_user_rcv_msg+0x422/0x860 net/xfrm/xfrm_user.c:2591 netlink_rcv_skb+0x224/0x470 net/netlink/af_netlink.c:2441 xfrm_netlink_rcv+0x6f/0x90 net/xfrm/xfrm_user.c:2599 netlink_unicast_kernel net/netlink/af_netlink.c:1308 [inline] netlink_unicast+0x4c4/0x6b0 net/netlink/af_netlink.c:1334 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1897 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a INITIAL USE at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:168 spin_lock_bh include/linux/spinlock.h:315 [inline] xfrm_policy_bysel_ctx+0x73/0x530 net/xfrm/xfrm_policy.c:809 xfrm_add_pol_expire+0x84d/0xae0 net/xfrm/xfrm_user.c:2115 xfrm_user_rcv_msg+0x422/0x860 net/xfrm/xfrm_user.c:2591 netlink_rcv_skb+0x224/0x470 net/netlink/af_netlink.c:2441 xfrm_netlink_rcv+0x6f/0x90 net/xfrm/xfrm_user.c:2599 netlink_unicast_kernel net/netlink/af_netlink.c:1308 [inline] netlink_unicast+0x4c4/0x6b0 net/netlink/af_netlink.c:1334 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1897 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a } ... key at: [<000000000832b936>] __key.66994+0x0/0x40 ... acquired at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x42/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] xfrm_policy_cache_flush+0x1d0/0x710 net/xfrm/xfrm_policy.c:1767 xfrm_policy_flush+0x650/0x770 net/xfrm/xfrm_policy.c:978 pfkey_spdflush+0x98/0x370 net/key/af_key.c:2750 pfkey_process+0x611/0x720 net/key/af_key.c:2809 pfkey_sendmsg+0x4dc/0xa00 net/key/af_key.c:3648 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a the dependencies between the lock to be acquired and SOFTIRQ-irq-unsafe lock: -> (cpu_hotplug_lock.rw_sem){++++} ops: 1738 { HARDIRQ-ON-W at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 down_write+0x87/0x120 kernel/locking/rwsem.c:70 percpu_down_write+0xa3/0x500 kernel/locking/percpu-rwsem.c:145 cpus_write_lock kernel/cpu.c:305 [inline] _cpu_up+0x60/0x510 kernel/cpu.c:990 do_cpu_up+0x73/0xa0 kernel/cpu.c:1066 cpu_up+0x18/0x20 kernel/cpu.c:1074 smp_init+0x13a/0x152 kernel/smp.c:578 kernel_init_freeable+0x2fe/0x521 init/main.c:1067 kernel_init+0x13/0x172 init/main.c:999 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 HARDIRQ-ON-R at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x42/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] kmem_cache_create+0x26/0x2a0 mm/slab_common.c:440 debug_objects_mem_init+0xda/0x910 lib/debugobjects.c:1139 start_kernel+0x6dd/0x819 init/main.c:674 x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378 x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:237 SOFTIRQ-ON-W at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 down_write+0x87/0x120 kernel/locking/rwsem.c:70 percpu_down_write+0xa3/0x500 kernel/locking/percpu-rwsem.c:145 cpus_write_lock kernel/cpu.c:305 [inline] _cpu_up+0x60/0x510 kernel/cpu.c:990 do_cpu_up+0x73/0xa0 kernel/cpu.c:1066 cpu_up+0x18/0x20 kernel/cpu.c:1074 smp_init+0x13a/0x152 kernel/smp.c:578 kernel_init_freeable+0x2fe/0x521 init/main.c:1067 kernel_init+0x13/0x172 init/main.c:999 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:524 SOFTIRQ-ON-R at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x42/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] kmem_cache_create+0x26/0x2a0 mm/slab_common.c:440 debug_objects_mem_init+0xda/0x910 lib/debugobjects.c:1139 start_kernel+0x6dd/0x819 init/main.c:674 x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378 x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:237 INITIAL USE at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock kernel/cpu.c:293 [inline] __cpuhp_setup_state+0x60/0x140 kernel/cpu.c:1670 cpuhp_setup_state_nocalls include/linux/cpuhotplug.h:229 [inline] kvm_guest_init+0x1f3/0x20f arch/x86/kernel/kvm.c:528 setup_arch+0x1801/0x1a13 arch/x86/kernel/setup.c:1265 start_kernel+0xcd/0x819 init/main.c:535 x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378 x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:237 } ... key at: [<000000003de4470f>] cpu_hotplug_lock+0xd8/0x140 ... acquired at: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x42/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] xfrm_policy_cache_flush+0x1d0/0x710 net/xfrm/xfrm_policy.c:1767 xfrm_policy_flush+0x650/0x770 net/xfrm/xfrm_policy.c:978 pfkey_spdflush+0x98/0x370 net/key/af_key.c:2750 pfkey_process+0x611/0x720 net/key/af_key.c:2809 pfkey_sendmsg+0x4dc/0xa00 net/key/af_key.c:3648 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a stack backtrace: CPU: 1 PID: 14691 Comm: syz-executor3 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 print_bad_irq_dependency kernel/locking/lockdep.c:1565 [inline] check_usage+0xad0/0xb60 kernel/locking/lockdep.c:1597 check_irq_usage kernel/locking/lockdep.c:1653 [inline] check_prev_add_irq kernel/locking/lockdep_states.h:8 [inline] check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1971 [inline] validate_chain kernel/locking/lockdep.c:2412 [inline] __lock_acquire+0x2bd1/0x3e00 kernel/locking/lockdep.c:3426 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36 [inline] percpu_down_read include/linux/percpu-rwsem.h:59 [inline] cpus_read_lock+0x42/0x90 kernel/cpu.c:293 get_online_cpus include/linux/cpu.h:117 [inline] xfrm_policy_cache_flush+0x1d0/0x710 net/xfrm/xfrm_policy.c:1767 xfrm_policy_flush+0x650/0x770 net/xfrm/xfrm_policy.c:978 pfkey_spdflush+0x98/0x370 net/key/af_key.c:2750 pfkey_process+0x611/0x720 net/key/af_key.c:2809 pfkey_sendmsg+0x4dc/0xa00 net/key/af_key.c:3648 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 ___sys_sendmsg+0x767/0x8b0 net/socket.c:2020 __sys_sendmsg+0xe5/0x210 net/socket.c:2054 SYSC_sendmsg net/socket.c:2065 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2061 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007fb9f9e46c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452cf9 RDX: 0000000000000000 RSI: 00000000208bb000 RDI: 0000000000000013 RBP: 0000000000000595 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6698 R13: 00000000ffffffff R14: 00007fb9f9e476d4 R15: 0000000000000000 netlink: 'syz-executor1': attribute type 12 has an invalid length. netlink: 'syz-executor1': attribute type 12 has an invalid length. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 15356 Comm: syz-executor7 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3542 sctp_bucket_create net/sctp/socket.c:7686 [inline] sctp_get_port_local+0x9cd/0x13b0 net/sctp/socket.c:7445 sctp_get_port+0x13f/0x1b0 net/sctp/socket.c:7494 inet_autobind+0xaa/0x180 net/ipv4/af_inet.c:182 inet_sendmsg+0x4de/0x5e0 net/ipv4/af_inet.c:761 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1721 SyS_sendto+0x40/0x50 net/socket.c:1689 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f155e2dec58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f155e2deaa0 RCX: 0000000000452cf9 RDX: 0000000000000001 RSI: 0000000020ac8000 RDI: 0000000000000013 RBP: 00007f155e2dea90 R08: 00000000207bdfe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f155e2debc8 R14: 00000000004b798c R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 15364 Comm: syz-executor7 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] kmem_cache_alloc_trace+0x4b/0x750 mm/slab.c:3608 kmalloc include/linux/slab.h:499 [inline] kzalloc include/linux/slab.h:688 [inline] sctp_add_bind_addr+0xd8/0x460 net/sctp/bind_addr.c:159 sctp_do_bind+0x312/0x540 net/sctp/socket.c:442 sctp_autobind+0x179/0x200 net/sctp/socket.c:7750 sctp_sendmsg+0x29d7/0x33f0 net/sctp/socket.c:1866 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1721 SyS_sendto+0x40/0x50 net/socket.c:1689 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f155e2dec58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f155e2deaa0 RCX: 0000000000452cf9 RDX: 0000000000000001 RSI: 0000000020ac8000 RDI: 0000000000000013 RBP: 00007f155e2dea90 R08: 00000000207bdfe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f155e2debc8 R14: 00000000004b798c R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 15379 Comm: syz-executor7 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] kmem_cache_alloc_trace+0x4b/0x750 mm/slab.c:3608 kmalloc include/linux/slab.h:499 [inline] kzalloc include/linux/slab.h:688 [inline] sctp_association_new+0x114/0x2130 net/sctp/associola.c:308 sctp_sendmsg+0x149b/0x33f0 net/sctp/socket.c:1886 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1721 SyS_sendto+0x40/0x50 net/socket.c:1689 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f155e2dec58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f155e2deaa0 RCX: 0000000000452cf9 RDX: 0000000000000001 RSI: 0000000020ac8000 RDI: 0000000000000013 RBP: 00007f155e2dea90 R08: 00000000207bdfe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f155e2debc8 R14: 00000000004b798c R15: 0000000000000000 CPU: 0 PID: 15353 Comm: syz-executor0 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3542 anon_vma_chain_alloc mm/rmap.c:128 [inline] __anon_vma_prepare+0xbc/0x6b0 mm/rmap.c:182 anon_vma_prepare include/linux/rmap.h:153 [inline] do_huge_pmd_anonymous_page+0x1127/0x1b00 mm/huge_memory.c:678 create_huge_pmd mm/memory.c:3828 [inline] __handle_mm_fault+0x1a0c/0x3ce0 mm/memory.c:4032 handle_mm_fault+0x334/0x8d0 mm/memory.c:4098 __do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1429 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504 page_fault+0x2c/0x60 arch/x86/entry/entry_64.S:1243 RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:68 RSP: 0018:ffff8801af8ffe50 EFLAGS: 00010293 RAX: 0000000000000014 RBX: 00007fffffffeffd RCX: 000000002000dff8 RDX: 0000000000000044 RSI: ffffc900018f3000 RDI: 0000000000000282 RBP: ffff8801af8fff48 R08: 0000000000000000 R09: 1ffff10035f1ffa7 R10: ffff8801af8ffd00 R11: ffff8801c3387408 R12: 1ffff10035f1ffd0 R13: 0000000000000014 R14: 0000000000000001 R15: 0000000000000015 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f96f02a2c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000035 RAX: ffffffffffffffda RBX: 00007f96f02a2aa0 RCX: 0000000000452cf9 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 008000000000001e RBP: 00007f96f02a2a90 R08: 0000000000000000 R09: 0000000000000000 R10: 000000002000dff8 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f96f02a2bc8 R14: 00000000004b798c R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 15399 Comm: syz-executor7 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] __do_kmalloc mm/slab.c:3706 [inline] __kmalloc+0x63/0x760 mm/slab.c:3717 kmalloc_array include/linux/slab.h:618 [inline] sctp_stream_alloc_out+0x33/0x1b0 net/sctp/stream.c:96 sctp_stream_init+0xe0/0x370 net/sctp/stream.c:159 sctp_association_init net/sctp/associola.c:248 [inline] sctp_association_new+0x1253/0x2130 net/sctp/associola.c:312 sctp_sendmsg+0x149b/0x33f0 net/sctp/socket.c:1886 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1721 SyS_sendto+0x40/0x50 net/socket.c:1689 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f155e2dec58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f155e2deaa0 RCX: 0000000000452cf9 RDX: 0000000000000001 RSI: 0000000020ac8000 RDI: 0000000000000013 RBP: 00007f155e2dea90 R08: 00000000207bdfe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f155e2debc8 R14: 00000000004b798c R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 15492 Comm: syz-executor4 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3289 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3632 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:983 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1180 [inline] netlink_sendmsg+0xa86/0xe60 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 sock_write_iter+0x31a/0x5d0 net/socket.c:909 call_write_iter include/linux/fs.h:1772 [inline] new_sync_write fs/read_write.c:469 [inline] __vfs_write+0x684/0x970 fs/read_write.c:482 vfs_write+0x189/0x510 fs/read_write.c:544 SYSC_write fs/read_write.c:589 [inline] SyS_write+0xef/0x220 fs/read_write.c:581 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007fe2e3765c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fe2e3765aa0 RCX: 0000000000452cf9 RDX: 0000000000000022 RSI: 00000000209c2fde RDI: 0000000000000013 RBP: 00007fe2e3765a90 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007fe2e3765bc8 R14: 00000000004b798c R15: 0000000000000000 nla_parse: 6 callbacks suppressed netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. can: request_module (can-proto-3) failed. can: request_module (can-proto-3) failed. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 15732 Comm: syz-executor5 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] __do_kmalloc mm/slab.c:3706 [inline] __kmalloc+0x63/0x760 mm/slab.c:3717 kmalloc include/linux/slab.h:504 [inline] sock_kmalloc+0x112/0x190 net/core/sock.c:1989 ip6_mc_source+0x128d/0x1750 net/ipv6/mcast.c:413 do_ipv6_setsockopt.isra.9+0x31f5/0x39a0 net/ipv6/ipv6_sockglue.c:732 ipv6_setsockopt+0xd7/0x150 net/ipv6/ipv6_sockglue.c:922 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1060 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2978 SYSC_setsockopt net/socket.c:1823 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007f45a3c20c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007f45a3c20aa0 RCX: 0000000000452cf9 RDX: 000000000000002e RSI: 0000000000000029 RDI: 0000000000000013 RBP: 00007f45a3c20a90 R08: 0000000000000108 R09: 0000000000000000 R10: 0000000020da1ef8 R11: 0000000000000212 R12: 00000000004b798c R13: 00007f45a3c20bc8 R14: 00000000004b798c R15: 0000000000000000 netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 15729 Comm: syz-executor1 Tainted: G W 4.15.0-rc7+ #187 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3368 [inline] __do_kmalloc mm/slab.c:3706 [inline] __kmalloc+0x63/0x760 mm/slab.c:3717 kmalloc include/linux/slab.h:504 [inline] sock_kmalloc+0x112/0x190 net/core/sock.c:1989 ipv6_sock_mc_join+0x506/0xa90 net/ipv6/mcast.c:158 do_ipv6_setsockopt.isra.9+0x339f/0x39a0 net/ipv6/ipv6_sockglue.c:685 ipv6_setsockopt+0xd7/0x150 net/ipv6/ipv6_sockglue.c:922 rawv6_setsockopt+0x4a/0xf0 net/ipv6/raw.c:1060 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2978 SYSC_setsockopt net/socket.c:1823 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1802 entry_SYSCALL_64_fastpath+0x23/0x9a RIP: 0033:0x452cf9 RSP: 002b:00007ff05ccd8c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007ff05ccd8aa0 RCX: 0000000000452cf9 RDX: 000000000000002a RSI: 0000000000000029 RDI: 0000000000000013 RBP: 00007ff05ccd8a90 R08: 0000000000000088 R09: 0000000000000000 R10: 0000000020fca000 R11: 0000000000000212 R12: 00000000004b798c R13: 00007ff05ccd8bc8 R14: 00000000004b798c R15: 0000000000000000 netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. netlink: 2 bytes leftover after parsing attributes in process `syz-executor4'. can: request_module (can-proto-5) failed. can: request_module (can-proto-5) failed.