Extracting prog: 9m42.149827556s Minimizing prog: 1h54m38.526738845s Simplifying prog options: 0s Extracting C: 2m26.795552555s Simplifying C: 57m7.169291427s 30 programs, 3 VMs, timeouts [6m0s] extracting reproducer from 30 programs single: executing 5 programs separately with timeout 6m0s testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): creat-mknod$loop-prctl$PR_SCHED_CORE-sched_setaffinity-openat$hwrng-preadv-socket$inet6_sctp-prctl$PR_SCHED_CORE-sched_setaffinity-openat$hwrng-preadv-socket$can_raw-ioctl$SNDRV_TIMER_IOCTL_PARAMS-syz_open_dev$dri-socket$inet_udplite-ioctl$sock_inet_SIOCSIFNETMASK-bpf$PROG_LOAD-eventfd2-io_setup-socket$rds-syz_io_uring_setup-syz_io_uring_setup-socket$nl_netfilter-sendmsg$IPSET_CMD_DESTROY-setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD-getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3-setsockopt$inet_sctp6_SCTP_MAX_BURST-setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS-setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO-sendmmsg$inet6 detailed listing: executing program 0: creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x24) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000440)={0x4, 0x5e}) syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000000)={'batadv_slave_0\x00', {0x2, 0x4e21, @broadcast}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) eventfd2(0x0, 0x0) io_setup(0x8, &(0x7f00000004c0)) socket$rds(0x15, 0x5, 0x0) syz_io_uring_setup(0x800f3b, &(0x7f0000000300)={0x0, 0x0, 0x1000}, &(0x7f0000000100), 0x0) syz_io_uring_setup(0x2292, &(0x7f0000000640)={0x0, 0x0, 0x2}, &(0x7f0000000400), &(0x7f0000000180)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000180)={0x0, 0x8000000, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000040603000000000002000000000000000500010007"], 0x1c}}, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc) sendmmsg$inet6(r1, &(0x7f0000003f00)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)="1f0000000000000092a200b057c58e43a4442318e12a4fdd5e0318be938eaba07c99fe607d6ac9e2c120c29c44a1aa7cca1c0f55fce0baa7854a00040000000000004f6727ea8174717b0972d9000000000000", 0x53}, {&(0x7f00000004c0)="8ac771d605f0e258ef271a8d73639ed1b6a79e39048f4fcd124df22aef4acf973567d54ec979fd414ec9d58cf48ca13202b8d998a4d2f81683fe9ec61ceb5a756bb3697dfed455711f5c40cb11ce68cde2dd62c964a296392f48ef1a7e6a5fcdaa15267f3ad1793b84e3e7ad2b", 0x6d}], 0x2}}], 0x1, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create-timer_settime-sched_setaffinity-socketpair$unix-pipe-splice detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x9) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r3, 0x0, 0x8000f28, 0x0) program crashed: INFO: rcu detected stall in corrupted single: successfully extracted reproducer found reproducer with 15 syscalls minimizing guilty program testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create-timer_settime-sched_setaffinity-socketpair$unix-pipe detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x9) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)) pipe(&(0x7f0000000200)) program crashed: INFO: rcu detected stall in sys_newfstatat testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create-timer_settime-sched_setaffinity-socketpair$unix detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x9) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create-timer_settime-sched_setaffinity detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x9) program crashed: WARNING in rcu_check_gp_start_stall testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_create detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-sched_setscheduler-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-getpid-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) getpid() timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-mount$cgroup2-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) mount$cgroup2(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x22012, &(0x7f0000000540)={[{@memory_localevents}, {@memory_recursiveprot}, {@subsystem='freezer'}, {@memory_recursiveprot}, {}, {@memory_recursiveprot}], [{@appraise}, {@smackfstransmute}]}) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-prlimit64-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-read$FUSE-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) read$FUSE(r0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-openat$fuse-prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-syz_mount_image$vfat-prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) syz_mount_image$vfat(&(0x7f0000000600), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x2cd, &(0x7f0000000200)="$eJzs3T9rJGUYAPBnNpPdVYtNYSWCA1pYHZdrbTbIHYipPFKohQYvB5JdhAQC/sH1KlsbCws/gSD4QWz8BoKtYOcJB6/M7MzO7N2SZI/biJffr8mTd97nned9d0MmRZ79+NXp8b0i7j/46vcYRha9cYzjYRY70YvGN7Fk/F0AAP9nD1OKv9LcOnlZRAw3VxYAsEGX+/2ft+EvV1IWALBBd9//4N29/f3b7xXFMO5Mvz07KP+yL7/Or+/dj09jEkdxM0bxKKJ6UNiO6mmhDO+klGZ5UdqJN6azs4Myc/rRr/X6e39GVPm7MYqdamjxtFHlv7N/e7eY6+TPyjperO8/LvNvxSheXiQv5d9akR8H/Xjz9U79N2IUv30Sn8Uk7lVFtPlf7xbF2+n7v7/8sCyvzM9mZweDal4rbV3xSwMAAAAAAAAAAAAAAAAAAAAAwHPsRt07ZxBV/55yqO6/s/Wo/GY7isbOcn+eeX7WLNTtD5RSmqX4semvc7MoilRPbPPzeCXvNhYEAAAAAAAAAAAAAAAAAACA6+v08y+ODyeTo5NnEjTdAPKI+OduxNOuM+6MvBZ10IuVkwf1PQ8nk14dLs/JuyOx1czJIto5zXF0Vi438bSnkcdae3/hiZrr4Kef17378OI526vv9SyD5jiPD7PVZziIZmRYH9QP/Yh2Tj8uea/+4yNpNF8nrfUS9FdeGl2Y3mx0sc5LVTA7Jyuy8wp764+lBbPHd9GvTnVxzsNoD2q7Drr1LL83LvV+LtesflKekOnWAQAAAAAAAAAAAAAAAAAAG9X+9++Kiw/OTe2lwcbKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr1X7+/xrBrE4+OjnNL5jcj5PT/3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAP/BgAA///vmVBI") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000500)={0x0, &(0x7f0000000140)}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f00000006c0)="bfc33982991c6469b18989aae7e3d4def7409abdafd43cf5d1c23cf304e45da45199fc9b367814d085a5f400890776ff8d8dcd4fce9c289156fb8504766d967a3eece6632ba4b468b9602c01c435383acea1f7d9545fd546309961877f", &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, &(0x7f0000000540)}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in corrupted testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) program did not crash testing program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime detailed listing: executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x9) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, 0x0, 0x0) program did not crash extracting C reproducer testing compiled C program (duration=9m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted simplifying C reproducer testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in sys_sendto testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program did not crash testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program did not crash testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in sys_sendto testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program did not crash testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted reproducing took 3h3m54.641434458s repro crashed as (corrupted=true): rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: (detected by 1, t=10502 jiffies, g=5197, q=12 ncpus=2) rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294968389-4294957887), jiffies_till_next_fqs=1, root ->qsmask 0x0 rcu: rcu_preempt kthread starved for 10502 jiffies! g5197 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:26008 pid:17 tgid:17 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_timeout+0x1be/0x310 kernel/time/timer.c:2581 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2020 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2222 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:144 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 rcu: Stack dump where RCU GP kthread last ran: CPU: 1 UID: 0 PID: 5133 Comm: syz-executor345 Not tainted 6.10.0-rc4-next-20240621-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 RIP: 0010:lock_release+0x630/0x9f0 kernel/locking/lockdep.c:5840 Code: 3c 3b 00 74 08 4c 89 f7 e8 dd 57 8a 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25 RSP: 0018:ffffc90003d9fb40 EFLAGS: 00000206 RAX: 0000000000000001 RBX: 1ffff920007b3f7a RCX: ffffc90003d9fb03 RDX: 0000000000000000 RSI: ffffffff8bcada20 RDI: ffffffff8c206c80 RBP: ffffc90003d9fc70 R08: ffffffff8faeddef R09: 1ffffffff1f5dbbd R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: 1ffff920007b3f74 R13: 0000000000000246 R14: ffffc90003d9fbd0 R15: dffffc0000000000 FS: 000055555ae6c3c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f318382c4c0 CR3: 0000000074490000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: clear_rseq_cs kernel/rseq.c:257 [inline] rseq_ip_fixup kernel/rseq.c:291 [inline] __rseq_handle_notify_resume+0x63a/0x14e0 kernel/rseq.c:329 rseq_handle_notify_resume include/linux/rseq.h:38 [inline] rseq_signal_deliver include/linux/rseq.h:47 [inline] setup_rt_frame arch/x86/kernel/signal.c:212 [inline] handle_signal arch/x86/kernel/signal.c:267 [inline] arch_do_signal_or_restart+0x383/0x830 arch/x86/kernel/signal.c:312 exit_to_user_mode_loop kernel/entry/common.c:111 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0xc9/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f3183814e79 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffcce6edb18 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f3183814e79 RDX: 000000002006b000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000003 R14: 00007ffcce6edb90 R15: 00007ffcce6edb80 report is corrupted, running repro again testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted report is corrupted, running repro again testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in corrupted report is corrupted, running repro again testing compiled C program (duration=9m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): prlimit64-sched_setscheduler-timer_create-timer_settime program crashed: INFO: rcu detected stall in syscall_exit_to_user_mode final repro crashed as (corrupted=false): rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: (detected by 0, t=10502 jiffies, g=6373, q=6 ncpus=2) rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294967482-4294956980), jiffies_till_next_fqs=1, root ->qsmask 0x0 rcu: rcu_preempt kthread starved for 10502 jiffies! g6373 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:26448 pid:17 tgid:17 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_timeout+0x1be/0x310 kernel/time/timer.c:2581 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2020 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2222 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:144 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 rcu: Stack dump where RCU GP kthread last ran: Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 5135 Comm: syz-executor129 Not tainted 6.10.0-rc4-next-20240621-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 RIP: 0010:debug_object_deactivate+0xf4/0x390 lib/debugobjects.c:753 Code: 85 25 02 00 00 c7 44 24 54 00 00 00 00 49 8d 7c 24 18 48 89 f8 48 c1 e8 03 42 80 3c 30 00 74 05 e8 81 e0 42 fd 4c 89 6c 24 58 <49> 8d 7c 24 20 48 89 f8 48 c1 e8 03 42 80 3c 30 00 74 05 e8 64 e0 RSP: 0018:ffffc90000a18c40 EFLAGS: 00000046 RAX: 1ffff92000143193 RBX: ffffc90000a18c90 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000a18c98 RBP: ffffc90000a18d30 R08: ffffc90000a18c8f R09: 0000000000000000 R10: ffffc90000a18c80 R11: fffff52000143192 R12: ffffc90000a18c80 R13: ffff88807edfe0b0 R14: dffffc0000000000 R15: 1ffff9200014318c FS: 000055557bfa13c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002006b000 CR3: 000000007edfc000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: debug_hrtimer_deactivate kernel/time/hrtimer.c:428 [inline] debug_deactivate+0x1b/0x220 kernel/time/hrtimer.c:484 __run_hrtimer kernel/time/hrtimer.c:1655 [inline] __hrtimer_run_queues+0x305/0xd50 kernel/time/hrtimer.c:1751 hrtimer_interrupt+0x396/0x990 kernel/time/hrtimer.c:1813 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline] __sysvec_apic_timer_interrupt+0x110/0x3f0 arch/x86/kernel/apic/apic.c:1049 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0xa1/0xc0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 kernel/locking/spinlock.c:202 Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 1a 37 d7 f5 48 89 df e8 52 7a d8 f5 e8 ad dc 02 f6 fb bf 01 00 00 00 c2 42 ca f5 65 8b 05 03 89 6b 74 85 c0 74 06 5b c3 cc cc cc cc RSP: 0018:ffffc9000363fc70 EFLAGS: 00000282 RAX: a24d17fa1387a300 RBX: ffff888029b50940 RCX: ffffffff947dc803 RDX: dffffc0000000000 RSI: ffffffff8bcac8a0 RDI: 0000000000000001 RBP: ffffc9000363fdb0 R08: ffffffff8faeddef R09: 1ffffffff1f5dbbd R10: dffffc0000000000 R11: fffffbfff1f5dbbe R12: 0000000000000021 R13: 1ffff1100536a1bb R14: ffff888029b50dd8 R15: ffff888029b50940 spin_unlock_irq include/linux/spinlock.h:401 [inline] get_signal+0x14dd/0x1740 kernel/signal.c:2912 arch_do_signal_or_restart+0x96/0x830 arch/x86/kernel/signal.c:310 exit_to_user_mode_loop kernel/entry/common.c:111 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0xc9/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbae79 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007fadcffbae79 RDX: 000000002006b000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000004 R14: 00007ffe7c842200 R15: 00007ffe7c8421f0 INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.417 msecs DEBUG: waiting rtnl_mutex for 10524 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 10601 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc90000a18ca0 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 ============================================= DEBUG: waiting rtnl_mutex for 10740 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 10764 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 1 lock held by syz-executor129/5137: ============================================= DEBUG: waiting rtnl_mutex for 10900 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 10924 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 2 locks held by syz-executor129/5137: ============================================= DEBUG: waiting rtnl_mutex for 11060 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 11084 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc9000363fb40 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 ============================================= DEBUG: waiting rtnl_mutex for 11220 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 11244 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc9000363fb40 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 1 lock held by syz-executor129/5137: ============================================= DEBUG: waiting rtnl_mutex for 11388 jiffies. task:syz-executor129 state:D stack:24080 pid:5111 tgid:5111 ppid:5108 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 register_netdev+0x13/0x50 net/core/dev.c:10510 ip6_tnl_init_net+0x238/0x2f0 net/ipv6/ip6_tunnel.c:2265 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000002 R14: 0000000000000002 R15: 00007ffe7c8421f0 DEBUG: waiting rtnl_mutex for 11412 jiffies. task:syz-executor129 state:D stack:23864 pid:5110 tgid:5110 ppid:5107 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5249 [inline] __schedule+0x17e8/0x4a20 kernel/sched/core.c:6594 __schedule_loop kernel/sched/core.c:6671 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6686 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6743 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752 ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 vti_init_net+0x2e/0xf0 net/ipv4/ip_vti.c:517 ops_init+0x359/0x610 net/core/net_namespace.c:139 setup_net+0x515/0xca0 net/core/net_namespace.c:343 copy_net_ns+0x4e2/0x7b0 net/core/net_namespace.c:508 create_new_namespaces+0x425/0x7b0 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0x124/0x180 kernel/nsproxy.c:228 ksys_unshare+0x619/0xc10 kernel/fork.c:3314 __do_sys_unshare kernel/fork.c:3385 [inline] __se_sys_unshare kernel/fork.c:3383 [inline] __x64_sys_unshare+0x38/0x40 kernel/fork.c:3383 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fadcffbc2f7 RSP: 002b:00007ffe7c842188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00007ffe7c8421b8 RCX: 00007fadcffbc2f7 RDX: 00007fadcffbae79 RSI: 00007ffe7c842230 RDI: 0000000040000000 RBP: 00000000000f4240 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe7c8421f0 Showing all locks held in the system: 2 locks held by getty/4849: #0: ffff88802f4a10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211 2 locks held by syz-executor129/5110: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1158 2 locks held by syz-executor129/5111: #0: ffffffff8f5eb450 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504 #1: ffffffff8f5f7d08 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock_killable+0x113/0x200 net/core/rtnetlink.c:156 3 locks held by syz-executor129/5116: 3 locks held by syz-executor129/5135: #0: ffffc90000a18c00 (net/core/rtnetlink.c:82){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789 #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #1: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: report_rtnl_holders+0x20/0x2d0 net/core/rtnetlink.c:95 #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline] #2: ffffffff8e3357a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6688 =============================================