syzkaller login: [ 274.038969][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 274.115699][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 274.163712][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 294.597657][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:24192' (ECDSA) to the list of known hosts.
1970/01/01 00:05:28 fuzzer started
1970/01/01 00:05:46 dialing manager at localhost:35325
[ 352.112352][ T2032] cgroup: Unknown subsys name 'net'
[ 353.114812][ T2032] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:52 syscalls: 2853
1970/01/01 00:05:52 code coverage: enabled
1970/01/01 00:05:52 comparison tracing: enabled
1970/01/01 00:05:52 extra coverage: enabled
1970/01/01 00:05:52 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:52 setuid sandbox: enabled
1970/01/01 00:05:52 namespace sandbox: enabled
1970/01/01 00:05:53 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:53 fault injection: enabled
1970/01/01 00:05:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:53 net packet injection: enabled
1970/01/01 00:05:53 net device setup: enabled
1970/01/01 00:05:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:53 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:53 USB emulation: enabled
1970/01/01 00:05:53 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:53 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:53 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:53 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:57 fetching corpus: 49, signal 30416/33987 (executing program)
1970/01/01 00:06:00 fetching corpus: 99, signal 47140/52221 (executing program)
1970/01/01 00:06:04 fetching corpus: 149, signal 54086/60706 (executing program)
1970/01/01 00:06:08 fetching corpus: 199, signal 69435/77167 (executing program)
1970/01/01 00:06:10 fetching corpus: 249, signal 74322/83408 (executing program)
1970/01/01 00:06:13 fetching corpus: 299, signal 79502/89827 (executing program)
1970/01/01 00:06:16 fetching corpus: 349, signal 86412/97801 (executing program)
1970/01/01 00:06:19 fetching corpus: 399, signal 90426/103012 (executing program)
1970/01/01 00:06:23 fetching corpus: 449, signal 98669/112155 (executing program)
1970/01/01 00:06:26 fetching corpus: 499, signal 101567/116192 (executing program)
1970/01/01 00:06:28 fetching corpus: 549, signal 104119/119887 (executing program)
1970/01/01 00:06:32 fetching corpus: 599, signal 107317/124180 (executing program)
1970/01/01 00:06:35 fetching corpus: 649, signal 113125/130778 (executing program)
1970/01/01 00:06:37 fetching corpus: 699, signal 116832/135411 (executing program)
1970/01/01 00:06:38 fetching corpus: 749, signal 118457/138126 (executing program)
1970/01/01 00:06:43 fetching corpus: 799, signal 126522/146568 (executing program)
1970/01/01 00:06:44 fetching corpus: 849, signal 129286/150173 (executing program)
1970/01/01 00:06:47 fetching corpus: 899, signal 131263/153088 (executing program)
1970/01/01 00:06:49 fetching corpus: 949, signal 136000/158374 (executing program)
1970/01/01 00:06:52 fetching corpus: 998, signal 139258/162251 (executing program)
1970/01/01 00:06:54 fetching corpus: 1048, signal 142859/166450 (executing program)
1970/01/01 00:06:56 fetching corpus: 1098, signal 146624/170678 (executing program)
1970/01/01 00:06:58 fetching corpus: 1148, signal 148216/173096 (executing program)
1970/01/01 00:07:00 fetching corpus: 1198, signal 150773/176300 (executing program)
1970/01/01 00:07:03 fetching corpus: 1248, signal 152556/178780 (executing program)
1970/01/01 00:07:06 fetching corpus: 1298, signal 157478/183818 (executing program)
1970/01/01 00:07:09 fetching corpus: 1348, signal 158851/185964 (executing program)
1970/01/01 00:07:12 fetching corpus: 1398, signal 164028/191143 (executing program)
1970/01/01 00:07:16 fetching corpus: 1448, signal 165452/193248 (executing program)
1970/01/01 00:07:20 fetching corpus: 1498, signal 166811/195276 (executing program)
1970/01/01 00:07:22 fetching corpus: 1548, signal 168928/197879 (executing program)
1970/01/01 00:07:24 fetching corpus: 1598, signal 170477/199957 (executing program)
1970/01/01 00:07:27 fetching corpus: 1648, signal 172338/202265 (executing program)
1970/01/01 00:07:30 fetching corpus: 1698, signal 173513/204062 (executing program)
1970/01/01 00:07:32 fetching corpus: 1748, signal 175880/206736 (executing program)
1970/01/01 00:07:35 fetching corpus: 1798, signal 177795/209006 (executing program)
1970/01/01 00:07:38 fetching corpus: 1847, signal 179139/210916 (executing program)
1970/01/01 00:07:41 fetching corpus: 1897, signal 180637/212883 (executing program)
1970/01/01 00:07:46 fetching corpus: 1946, signal 182342/215001 (executing program)
1970/01/01 00:07:48 fetching corpus: 1996, signal 183687/216852 (executing program)
1970/01/01 00:07:51 fetching corpus: 2046, signal 185369/218919 (executing program)
1970/01/01 00:07:54 fetching corpus: 2095, signal 187188/221032 (executing program)
1970/01/01 00:07:59 fetching corpus: 2145, signal 189055/223179 (executing program)
1970/01/01 00:08:02 fetching corpus: 2195, signal 191269/225519 (executing program)
1970/01/01 00:08:05 fetching corpus: 2245, signal 192545/227181 (executing program)
1970/01/01 00:08:07 fetching corpus: 2295, signal 194581/229313 (executing program)
1970/01/01 00:08:10 fetching corpus: 2345, signal 195274/230538 (executing program)
1970/01/01 00:08:12 fetching corpus: 2395, signal 196096/231810 (executing program)
1970/01/01 00:08:15 fetching corpus: 2445, signal 198571/234208 (executing program)
1970/01/01 00:08:18 fetching corpus: 2495, signal 199827/235779 (executing program)
1970/01/01 00:08:20 fetching corpus: 2545, signal 200681/237022 (executing program)
1970/01/01 00:08:21 fetching corpus: 2595, signal 201752/238443 (executing program)
1970/01/01 00:08:23 fetching corpus: 2645, signal 202421/239577 (executing program)
1970/01/01 00:08:26 fetching corpus: 2695, signal 203631/241094 (executing program)
1970/01/01 00:08:29 fetching corpus: 2745, signal 204305/242236 (executing program)
1970/01/01 00:08:31 fetching corpus: 2795, signal 205330/243570 (executing program)
1970/01/01 00:08:35 fetching corpus: 2844, signal 206377/244892 (executing program)
1970/01/01 00:08:38 fetching corpus: 2894, signal 207235/246082 (executing program)
1970/01/01 00:08:39 fetching corpus: 2944, signal 208068/247264 (executing program)
1970/01/01 00:08:42 fetching corpus: 2994, signal 209016/248527 (executing program)
1970/01/01 00:08:45 fetching corpus: 3044, signal 210334/249956 (executing program)
1970/01/01 00:08:48 fetching corpus: 3094, signal 211309/251137 (executing program)
1970/01/01 00:08:50 fetching corpus: 3144, signal 211994/252158 (executing program)
1970/01/01 00:08:52 fetching corpus: 3194, signal 212968/253353 (executing program)
1970/01/01 00:08:57 fetching corpus: 3244, signal 213909/254503 (executing program)
1970/01/01 00:09:00 fetching corpus: 3294, signal 215090/255784 (executing program)
1970/01/01 00:09:02 fetching corpus: 3344, signal 215710/256732 (executing program)
1970/01/01 00:09:04 fetching corpus: 3394, signal 216992/258069 (executing program)
1970/01/01 00:09:06 fetching corpus: 3444, signal 217645/259030 (executing program)
1970/01/01 00:09:08 fetching corpus: 3494, signal 218532/260058 (executing program)
1970/01/01 00:09:12 fetching corpus: 3544, signal 220850/261895 (executing program)
1970/01/01 00:09:14 fetching corpus: 3594, signal 222108/263140 (executing program)
1970/01/01 00:09:17 fetching corpus: 3644, signal 223104/264255 (executing program)
1970/01/01 00:09:21 fetching corpus: 3693, signal 223915/265184 (executing program)
1970/01/01 00:09:25 fetching corpus: 3743, signal 224805/266177 (executing program)
1970/01/01 00:09:28 fetching corpus: 3792, signal 225963/267301 (executing program)
1970/01/01 00:09:30 fetching corpus: 3842, signal 226708/268211 (executing program)
1970/01/01 00:09:31 fetching corpus: 3892, signal 227507/269158 (executing program)
1970/01/01 00:09:34 fetching corpus: 3942, signal 228255/270037 (executing program)
1970/01/01 00:09:38 fetching corpus: 3992, signal 228924/270885 (executing program)
1970/01/01 00:09:41 fetching corpus: 4042, signal 230646/272215 (executing program)
1970/01/01 00:09:43 fetching corpus: 4091, signal 231264/273010 (executing program)
1970/01/01 00:09:46 fetching corpus: 4141, signal 232099/273875 (executing program)
1970/01/01 00:09:50 fetching corpus: 4191, signal 233313/274894 (executing program)
1970/01/01 00:09:53 fetching corpus: 4241, signal 235028/276176 (executing program)
1970/01/01 00:09:55 fetching corpus: 4291, signal 235726/276959 (executing program)
1970/01/01 00:09:57 fetching corpus: 4341, signal 236446/277687 (executing program)
1970/01/01 00:09:59 fetching corpus: 4391, signal 237061/278400 (executing program)
1970/01/01 00:10:03 fetching corpus: 4441, signal 238482/279461 (executing program)
1970/01/01 00:10:07 fetching corpus: 4491, signal 240734/280829 (executing program)
1970/01/01 00:10:10 fetching corpus: 4541, signal 241829/281697 (executing program)
1970/01/01 00:10:13 fetching corpus: 4591, signal 242566/282517 (executing program)
1970/01/01 00:10:16 fetching corpus: 4641, signal 243448/283316 (executing program)
1970/01/01 00:10:19 fetching corpus: 4691, signal 244307/284049 (executing program)
1970/01/01 00:10:22 fetching corpus: 4741, signal 245366/284895 (executing program)
1970/01/01 00:10:25 fetching corpus: 4791, signal 246111/285608 (executing program)
1970/01/01 00:10:27 fetching corpus: 4841, signal 246947/286293 (executing program)
1970/01/01 00:10:29 fetching corpus: 4891, signal 247510/286893 (executing program)
1970/01/01 00:10:31 fetching corpus: 4941, signal 247961/287416 (executing program)
1970/01/01 00:10:34 fetching corpus: 4991, signal 248509/288014 (executing program)
1970/01/01 00:10:37 fetching corpus: 5041, signal 249101/288636 (executing program)
1970/01/01 00:10:39 fetching corpus: 5091, signal 249626/289205 (executing program)
1970/01/01 00:10:41 fetching corpus: 5141, signal 252067/290367 (executing program)
1970/01/01 00:10:44 fetching corpus: 5190, signal 252659/290953 (executing program)
1970/01/01 00:10:47 fetching corpus: 5240, signal 253314/291543 (executing program)
1970/01/01 00:10:50 fetching corpus: 5289, signal 253851/292102 (executing program)
1970/01/01 00:10:52 fetching corpus: 5339, signal 254516/292648 (executing program)
1970/01/01 00:10:53 fetching corpus: 5389, signal 254899/293118 (executing program)
1970/01/01 00:10:56 fetching corpus: 5439, signal 255693/293690 (executing program)
1970/01/01 00:10:59 fetching corpus: 5489, signal 256242/294210 (executing program)
1970/01/01 00:11:01 fetching corpus: 5539, signal 256718/294706 (executing program)
1970/01/01 00:11:03 fetching corpus: 5589, signal 257196/295155 (executing program)
1970/01/01 00:11:06 fetching corpus: 5638, signal 258015/295735 (executing program)
1970/01/01 00:11:08 fetching corpus: 5688, signal 258423/296139 (executing program)
1970/01/01 00:11:10 fetching corpus: 5738, signal 259082/296627 (executing program)
1970/01/01 00:11:12 fetching corpus: 5788, signal 259595/297071 (executing program)
1970/01/01 00:11:14 fetching corpus: 5838, signal 260489/297626 (executing program)
1970/01/01 00:11:16 fetching corpus: 5888, signal 261018/298059 (executing program)
1970/01/01 00:11:18 fetching corpus: 5938, signal 261594/298501 (executing program)
1970/01/01 00:11:20 fetching corpus: 5988, signal 261991/298877 (executing program)
1970/01/01 00:11:23 fetching corpus: 6038, signal 263155/299428 (executing program)
1970/01/01 00:11:26 fetching corpus: 6088, signal 263919/299897 (executing program)
1970/01/01 00:11:28 fetching corpus: 6138, signal 264374/300249 (executing program)
1970/01/01 00:11:31 fetching corpus: 6188, signal 264987/300629 (executing program)
1970/01/01 00:11:33 fetching corpus: 6237, signal 265944/301157 (executing program)
1970/01/01 00:11:37 fetching corpus: 6287, signal 266438/301517 (executing program)
1970/01/01 00:11:40 fetching corpus: 6337, signal 266916/301907 (executing program)
1970/01/01 00:11:42 fetching corpus: 6387, signal 267471/302277 (executing program)
1970/01/01 00:11:44 fetching corpus: 6436, signal 268006/302643 (executing program)
1970/01/01 00:11:47 fetching corpus: 6486, signal 268596/302988 (executing program)
1970/01/01 00:11:49 fetching corpus: 6536, signal 269351/303377 (executing program)
1970/01/01 00:11:52 fetching corpus: 6586, signal 269796/303722 (executing program)
1970/01/01 00:11:54 fetching corpus: 6635, signal 270435/304037 (executing program)
1970/01/01 00:11:57 fetching corpus: 6685, signal 271045/304380 (executing program)
1970/01/01 00:12:00 fetching corpus: 6734, signal 271636/304713 (executing program)
1970/01/01 00:12:02 fetching corpus: 6784, signal 272153/305020 (executing program)
1970/01/01 00:12:04 fetching corpus: 6834, signal 274099/305442 (executing program)
1970/01/01 00:12:07 fetching corpus: 6884, signal 274588/305730 (executing program)
1970/01/01 00:12:10 fetching corpus: 6934, signal 275835/306074 (executing program)
1970/01/01 00:12:12 fetching corpus: 6984, signal 276434/306342 (executing program)
1970/01/01 00:12:15 fetching corpus: 7034, signal 276757/306621 (executing program)
1970/01/01 00:12:17 fetching corpus: 7084, signal 277268/306878 (executing program)
1970/01/01 00:12:19 fetching corpus: 7134, signal 277739/307143 (executing program)
1970/01/01 00:12:24 fetching corpus: 7184, signal 278476/307403 (executing program)
1970/01/01 00:12:28 fetching corpus: 7234, signal 278858/307648 (executing program)
1970/01/01 00:12:31 fetching corpus: 7283, signal 279332/307888 (executing program)
1970/01/01 00:12:33 fetching corpus: 7333, signal 279829/308126 (executing program)
1970/01/01 00:12:35 fetching corpus: 7383, signal 280284/308358 (executing program)
1970/01/01 00:12:36 fetching corpus: 7432, signal 280685/308535 (executing program)
1970/01/01 00:12:38 fetching corpus: 7482, signal 281094/308736 (executing program)
1970/01/01 00:12:40 fetching corpus: 7532, signal 281343/308937 (executing program)
1970/01/01 00:12:43 fetching corpus: 7582, signal 281904/309113 (executing program)
1970/01/01 00:12:47 fetching corpus: 7632, signal 282450/309297 (executing program)
1970/01/01 00:12:49 fetching corpus: 7682, signal 282812/309410 (executing program)
1970/01/01 00:12:51 fetching corpus: 7732, signal 283786/309410 (executing program)
1970/01/01 00:12:54 fetching corpus: 7782, signal 284645/309410 (executing program)
1970/01/01 00:12:56 fetching corpus: 7832, signal 285004/309413 (executing program)
1970/01/01 00:13:00 fetching corpus: 7882, signal 286089/309413 (executing program)
1970/01/01 00:13:03 fetching corpus: 7932, signal 286660/309417 (executing program)
1970/01/01 00:13:05 fetching corpus: 7982, signal 287068/309417 (executing program)
1970/01/01 00:13:08 fetching corpus: 8032, signal 287676/309417 (executing program)
1970/01/01 00:13:10 fetching corpus: 8081, signal 288309/309417 (executing program)
1970/01/01 00:13:13 fetching corpus: 8131, signal 288720/309417 (executing program)
1970/01/01 00:13:15 fetching corpus: 8180, signal 289479/309417 (executing program)
1970/01/01 00:13:18 fetching corpus: 8230, signal 289860/309417 (executing program)
1970/01/01 00:13:21 fetching corpus: 8280, signal 290466/309420 (executing program)
1970/01/01 00:13:23 fetching corpus: 8330, signal 291348/309484 (executing program)
1970/01/01 00:13:26 fetching corpus: 8380, signal 291988/309492 (executing program)
1970/01/01 00:13:28 fetching corpus: 8430, signal 293078/309516 (executing program)
1970/01/01 00:13:30 fetching corpus: 8480, signal 293608/309516 (executing program)
1970/01/01 00:13:32 fetching corpus: 8529, signal 293978/309518 (executing program)
1970/01/01 00:13:35 fetching corpus: 8579, signal 294529/309522 (executing program)
1970/01/01 00:13:38 fetching corpus: 8628, signal 295034/309525 (executing program)
1970/01/01 00:13:41 fetching corpus: 8678, signal 295579/309525 (executing program)
1970/01/01 00:13:44 fetching corpus: 8728, signal 295991/309525 (executing program)
1970/01/01 00:13:46 fetching corpus: 8778, signal 296396/309532 (executing program)
1970/01/01 00:13:48 fetching corpus: 8828, signal 296764/309532 (executing program)
1970/01/01 00:13:50 fetching corpus: 8878, signal 297041/309532 (executing program)
1970/01/01 00:13:53 fetching corpus: 8928, signal 297659/309532 (executing program)
1970/01/01 00:13:57 fetching corpus: 8978, signal 298120/309532 (executing program)
1970/01/01 00:14:00 fetching corpus: 9028, signal 298478/309548 (executing program)
1970/01/01 00:14:02 fetching corpus: 9077, signal 298787/309548 (executing program)
1970/01/01 00:14:04 fetching corpus: 9127, signal 299196/309548 (executing program)
1970/01/01 00:14:06 fetching corpus: 9176, signal 299558/309552 (executing program)
1970/01/01 00:14:08 fetching corpus: 9226, signal 299917/309552 (executing program)
1970/01/01 00:14:10 fetching corpus: 9276, signal 300515/309552 (executing program)
1970/01/01 00:14:15 fetching corpus: 9326, signal 301439/309552 (executing program)
1970/01/01 00:14:18 fetching corpus: 9375, signal 301998/309553 (executing program)
1970/01/01 00:14:20 fetching corpus: 9425, signal 302509/309600 (executing program)
1970/01/01 00:14:22 fetching corpus: 9475, signal 302822/309602 (executing program)
1970/01/01 00:14:25 fetching corpus: 9525, signal 303829/309602 (executing program)
1970/01/01 00:14:28 fetching corpus: 9575, signal 304385/309602 (executing program)
1970/01/01 00:14:31 fetching corpus: 9625, signal 304795/309602 (executing program)
1970/01/01 00:14:35 fetching corpus: 9675, signal 305118/309617 (executing program)
1970/01/01 00:14:39 fetching corpus: 9725, signal 305526/309617 (executing program)
1970/01/01 00:14:42 fetching corpus: 9775, signal 306018/309617 (executing program)
1970/01/01 00:14:46 fetching corpus: 9820, signal 306373/309617 (executing program)
1970/01/01 00:14:46 fetching corpus: 9820, signal 306374/309617 (executing program)
1970/01/01 00:14:46 fetching corpus: 9820, signal 306374/309618 (executing program)
1970/01/01 00:14:46 fetching corpus: 9820, signal 306374/309618 (executing program)
1970/01/01 00:16:45 starting 2 fuzzer processes
00:16:45 executing program 0:
timer_create(0x2, &(0x7f0000000000)={0x0, 0x17}, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0})
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, r0+10000000}, {0x0, 0x989680}}, 0x0)

00:16:45 executing program 1:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sndpcmp(&(0x7f0000002100), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r0, 0x40044160, 0x0)

[ 1037.068555][ T2050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1037.192096][ T2050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1039.616232][ T2051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1039.748965][ T2051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1042.951146][ C1] Unable to handle kernel paging request at virtual address ffffffff8011115c
[ 1042.957105][ C1]
[ 1042.957318][ C1] ======================================================
[ 1042.957433][ C1] WARNING: possible circular locking dependency detected
[ 1042.957758][ T2050] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 1042.957738][ C1] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 1042.958134][ C1] ------------------------------------------------------
[ 1042.958306][ C1] sshd/2022 is trying to acquire lock:
[ 1042.958576][ C1] ffffffff84a888e0 (console_owner){-...}-{0:0}, at: console_unlock+0x2b2/0x97a
[ 1042.960220][ C1]
[ 1042.960220][ C1] but task is already holding lock:
[ 1042.960328][ C1] ffffaf805a9e7418 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x262/0xa16
[ 1042.961193][ C1]
[ 1042.961193][ C1] which lock already depends on the new lock.
[ 1042.961193][ C1]
[ 1042.961316][ C1]
[ 1042.961316][ C1] the existing dependency chain (in reverse order) is:
[ 1042.961457][ C1]
[ 1042.961457][ C1] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 1042.962118][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.962695][ C1]        lock_acquire+0x54/0x6a
[ 1042.963060][ C1]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1042.963453][ C1]        hrtimer_start_range_ns+0x9e/0x6dc
[ 1042.963827][ C1]        enqueue_task_rt+0x520/0x568
[ 1042.964156][ C1]        enqueue_task+0x66/0x136
[ 1042.964549][ C1]        __sched_setscheduler.constprop.0+0x704/0xdd4
[ 1042.965005][ C1]        sched_set_fifo+0xc8/0x108
[ 1042.965405][ C1]        drm_vblank_worker_init+0xea/0x10c
[ 1042.965811][ C1]        drm_vblank_init+0xec/0x24e
[ 1042.966273][ C1]        vkms_init+0x272/0x45c
[ 1042.966674][ C1]        do_one_initcall+0x13a/0x7ea
[ 1042.967004][ C1]        kernel_init_freeable+0x510/0x5b4
[ 1042.967394][ C1]        kernel_init+0x28/0x21c
[ 1042.967805][ C1]        ret_from_exception+0x0/0x10
[ 1042.968259][ C1]
[ 1042.968259][ C1] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}:
[ 1042.968846][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.969265][ C1]        lock_acquire+0x54/0x6a
[ 1042.969639][ C1]        _raw_spin_lock+0x32/0x48
[ 1042.970028][ C1]        rq_online_rt+0x78/0x1b8
[ 1042.970374][ C1]        set_rq_online.part.0+0xaa/0xc2
[ 1042.970769][ C1]        sched_cpu_activate+0x1c0/0x250
[ 1042.971130][ C1]        cpuhp_invoke_callback+0x282/0x504
[ 1042.971496][ C1]        cpuhp_thread_fun+0x2f6/0x4b0
[ 1042.971898][ C1]        smpboot_thread_fn+0x448/0x6cc
[ 1042.972340][ C1]        kthread+0x19e/0x1fa
[ 1042.972762][ C1]        ret_from_exception+0x0/0x10
[ 1042.973149][ C1]
[ 1042.973149][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 1042.973699][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.974105][ C1]        lock_acquire+0x54/0x6a
[ 1042.974504][ C1]        _raw_spin_lock_nested+0x36/0x4e
[ 1042.974871][ C1]        raw_spin_rq_lock_nested+0x22/0x34
[ 1042.975300][ C1]        task_fork_fair+0xa8/0x218
[ 1042.975709][ C1]        sched_post_fork+0x16e/0x196
[ 1042.976123][ C1]        copy_process+0x3378/0x3c34
[ 1042.976513][ C1]        kernel_clone+0xee/0x920
[ 1042.976893][ C1]        kernel_thread+0xf8/0x130
[ 1042.977278][ C1]        rest_init+0x34/0x3f2
[ 1042.977634][ C1]        arch_call_rest_init+0x18/0x20
[ 1042.977992][ C1]        start_kernel+0x66a/0x698
[ 1042.978370][ C1]
[ 1042.978370][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 1042.978904][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.979300][ C1]        lock_acquire+0x54/0x6a
[ 1042.979655][ C1]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1042.980015][ C1]        try_to_wake_up+0xa4/0x748
[ 1042.980433][ C1]        default_wake_function+0x28/0x36
[ 1042.980848][ C1]        woken_wake_function+0x38/0x48
[ 1042.981210][ C1]        __wake_up_common+0xb6/0x236
[ 1042.981540][ C1]        __wake_up_common_lock+0xd6/0x136
[ 1042.981902][ C1]        __wake_up+0x10/0x18
[ 1042.982272][ C1]        tty_wakeup+0x58/0xbe
[ 1042.982659][ C1]        tty_port_default_wakeup+0x2c/0x44
[ 1042.983041][ C1]        tty_port_tty_wakeup+0x3a/0x46
[ 1042.983410][ C1]        uart_write_wakeup+0x34/0x48
[ 1042.983735][ C1]        serial8250_tx_chars+0x322/0x592
[ 1042.984133][ C1]        serial8250_handle_irq.part.0+0x284/0x286
[ 1042.984558][ C1]        serial8250_default_handle_irq+0xac/0x142
[ 1042.984968][ C1]        serial8250_interrupt+0xbe/0x1a6
[ 1042.985346][ C1]        __handle_irq_event_percpu+0x16e/0x6ec
[ 1042.985713][ C1]        handle_irq_event+0x6a/0xfa
[ 1042.986035][ C1]        handle_fasteoi_irq+0x1c0/0x4d6
[ 1042.986448][ C1]        generic_handle_domain_irq+0x7c/0x9c
[ 1042.986795][ C1]        plic_handle_irq+0x122/0x242
[ 1042.987206][ C1]        generic_handle_domain_irq+0x7c/0x9c
[ 1042.987571][ C1]        riscv_intc_irq+0x7e/0xc8
[ 1042.987964][ C1]        generic_handle_arch_irq+0x36/0x54
[ 1042.988380][ C1]        ret_from_exception+0x0/0x10
[ 1042.988715][ C1]        rcu_gp_cleanup+0x182/0xa90
[ 1042.989144][ C1]
[ 1042.989144][ C1] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[ 1042.989703][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.990100][ C1]        lock_acquire+0x54/0x6a
[ 1042.990472][ C1]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1042.990826][ C1]        __wake_up_common_lock+0xc4/0x136
[ 1042.991211][ C1]        __wake_up+0x10/0x18
[ 1042.991544][ C1]        tty_wakeup+0x58/0xbe
[ 1042.991907][ C1]        tty_port_default_wakeup+0x2c/0x44
[ 1042.992296][ C1]        tty_port_tty_wakeup+0x3a/0x46
[ 1042.992661][ C1]        uart_write_wakeup+0x34/0x48
[ 1042.992984][ C1]        serial8250_tx_chars+0x322/0x592
[ 1042.993403][ C1]        serial8250_handle_irq.part.0+0x284/0x286
[ 1042.993840][ C1]        serial8250_default_handle_irq+0xac/0x142
[ 1042.994313][ C1]        serial8250_interrupt+0xbe/0x1a6
[ 1042.994694][ C1]        __handle_irq_event_percpu+0x16e/0x6ec
[ 1042.995065][ C1]        handle_irq_event+0x6a/0xfa
[ 1042.995410][ C1]        handle_fasteoi_irq+0x1c0/0x4d6
[ 1042.995813][ C1]        generic_handle_domain_irq+0x7c/0x9c
[ 1042.996165][ C1]        plic_handle_irq+0x122/0x242
[ 1042.996579][ C1]        generic_handle_domain_irq+0x7c/0x9c
[ 1042.996926][ C1]        riscv_intc_irq+0x7e/0xc8
[ 1042.997334][ C1]        generic_handle_arch_irq+0x36/0x54
[ 1042.997729][ C1]        ret_from_exception+0x0/0x10
[ 1042.998069][ C1]        _raw_spin_unlock_irqrestore+0x68/0x98
[ 1042.998473][ C1]
[ 1042.998473][ C1] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 1042.999032][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1042.999439][ C1]        lock_acquire+0x54/0x6a
[ 1042.999801][ C1]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1043.000169][ C1]        serial8250_console_write+0x848/0x8e6
[ 1043.000611][ C1]        univ8250_console_write+0x46/0x54
[ 1043.000998][ C1]        console_unlock+0x666/0x97a
[ 1043.001445][ C1]        register_console+0x250/0x534
[ 1043.001879][ C1]        uart_add_one_port+0xbf2/0xc14
[ 1043.002222][ C1]        serial8250_register_8250_port+0x8ce/0xc6e
[ 1043.002649][ C1]        of_platform_serial_probe+0x7ae/0xa9c
[ 1043.002974][ C1]        platform_probe+0xc8/0x172
[ 1043.003334][ C1]        really_probe+0x1a6/0x89e
[ 1043.003649][ C1]        __driver_probe_device+0x24a/0x2d4
[ 1043.003984][ C1]        driver_probe_device+0x60/0x1a4
[ 1043.004322][ C1]        __driver_attach+0x178/0x33e
[ 1043.004646][ C1]        bus_for_each_dev+0x122/0x194
[ 1043.005046][ C1]        driver_attach+0x32/0x3c
[ 1043.005358][ C1]        bus_add_driver+0x2c6/0x41a
[ 1043.005672][ C1]        driver_register+0x144/0x286
[ 1043.006003][ C1]        __platform_driver_register+0x46/0x52
[ 1043.006416][ C1]        of_platform_serial_driver_init+0x22/0x2a
[ 1043.006861][ C1]        do_one_initcall+0x13a/0x7ea
[ 1043.007170][ C1]        kernel_init_freeable+0x510/0x5b4
[ 1043.007546][ C1]        kernel_init+0x28/0x21c
[ 1043.007917][ C1]        ret_from_exception+0x0/0x10
[ 1043.008268][ C1]
[ 1043.008268][ C1] -> #0 (console_owner){-...}-{0:0}:
[ 1043.008813][ C1]        check_noncircular+0x1de/0x1fe
[ 1043.009208][ C1]        __lock_acquire+0x19a4/0x333e
[ 1043.009580][ C1]        lock_acquire.part.0+0x1d0/0x424
[ 1043.009967][ C1]        lock_acquire+0x54/0x6a
[ 1043.010358][ C1]        console_unlock+0x304/0x97a
[ 1043.010770][ C1]        vprintk_emit+0xd2/0x416
[ 1043.011182][ C1]        vprintk_default+0x22/0x2e
[ 1043.011608][ C1]        vprintk+0x108/0x13e
[ 1043.011941][ C1]        _printk+0xa0/0xc8
[ 1043.012274][ C1]        die_kernel_fault+0x3a/0x60
[ 1043.012722][ C1]        do_page_fault+0x5b2/0xa3c
[ 1043.013129][ C1]        ret_from_exception+0x0/0x10
[ 1043.013483][ C1]        hrtimer_update_next_event+0x9e/0x12c
[ 1043.013938][ C1]
[ 1043.013938][ C1] other info that might help us debug this:
[ 1043.013938][ C1]
[ 1043.014085][ C1] Chain exists of:
[ 1043.014085][ C1]   console_owner --> &rt_b->rt_runtime_lock --> hrtimer_bases.lock
[ 1043.014085][ C1]
[ 1043.014811][ C1]  Possible unsafe locking scenario:
[ 1043.014811][ C1]
[ 1043.014935][ C1]        CPU0                    CPU1
[ 1043.015029][ C1]        ----                    ----
[ 1043.015119][ C1]   lock(hrtimer_bases.lock);
[ 1043.015387][ C1]                                lock(&rt_b->rt_runtime_lock);
[ 1043.015676][ C1]                                lock(hrtimer_bases.lock);
[ 1043.015951][ C1]   lock(console_owner);
[ 1043.016193][ C1]
[ 1043.016193][ C1]  *** DEADLOCK ***
[ 1043.016193][ C1]
[ 1043.016335][ C1] 2 locks held by sshd/2022:
[ 1043.016568][ C1]  #0: ffffaf805a9e7418 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x262/0xa16
[ 1043.017547][ C1]  #1: ffffffff84a88600 (console_lock){+.+.}-{0:0}, at: vprintk_default+0x22/0x2e
[ 1043.018630][ C1]
[ 1043.018630][ C1] stack backtrace:
[ 1043.019008][ C1] CPU: 1 PID: 2022 Comm: sshd Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1043.019451][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1043.019930][ C1] Call Trace:
[ 1043.020116][ C1] [] dump_backtrace+0x2e/0x3c
[ 1043.020630][ C1] [] show_stack+0x34/0x40
[ 1043.021026][ C1] [] dump_stack_lvl+0xe4/0x150
[ 1043.021524][ C1] [] dump_stack+0x1c/0x24
[ 1043.021996][ C1] [] print_circular_bug+0x34e/0x3d8
[ 1043.022465][ C1] [] check_noncircular+0x1de/0x1fe
[ 1043.022915][ C1] [] __lock_acquire+0x19a4/0x333e
[ 1043.023364][ C1] [] lock_acquire.part.0+0x1d0/0x424
[ 1043.023821][ C1] [] lock_acquire+0x54/0x6a
[ 1043.024259][ C1] [] console_unlock+0x304/0x97a
[ 1043.024736][ C1] [] vprintk_emit+0xd2/0x416
[ 1043.025227][ C1] [] vprintk_default+0x22/0x2e
[ 1043.025716][ C1] [] vprintk+0x108/0x13e
[ 1043.026064][ C1] [] _printk+0xa0/0xc8
[ 1043.026516][ C1] [] die_kernel_fault+0x3a/0x60
[ 1043.026970][ C1] [] do_page_fault+0x5b2/0xa3c
[ 1043.027438][ C1] [] ret_from_exception+0x0/0x10
[ 1043.027846][ C1] [] hrtimer_update_next_event+0x9e/0x12c
[ 1043.031575][ C1] Oops [#1]
[ 1043.035284][ C1] Modules linked in:
[ 1043.041207][ C1] CPU: 1 PID: 2022 Comm: sshd Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1043.046722][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1043.051076][ C1] epc : hrtimer_update_next_event+0xaa/0x12c
[ 1043.054756][ C1] ra : hrtimer_update_next_event+0x9e/0x12c
[ 1043.058271][ C1] epc : ffffffff8016c642 ra : ffffffff8016c636 sp : ffffaf800cb936b0
[ 1043.063417][ T2050] SMP: stopping secondary CPUs
[ 1043.258187][ C1] gp : ffffffff85863ac0 tp : ffffaf800cf5c8c0 t0 : 0000000000046000
[ 1043.260273][ C1] t1 : 3bc8d578b96e3e00 t2 : ffffffff83604ca0 s0 : ffffaf800cb936f0
[ 1043.262328][ C1] s1 : ffffffff801110e4 a0 : 0000000000000000 a1 : 0000000000000000
[ 1043.264345][ C1] a2 : 0000000000000050 a3 : 7fffffffffffffff a4 : 0000000000000000
[ 1043.266424][ C1] a5 : ffffffff8011115c a6 : 0000000000f00000 a7 : ffffffff80b09d26
[ 1043.268401][ C1] s2 : 0000000000000000 s3 : ffffffff80111128 s4 : 000000007bb67b56
[ 1043.270339][ C1] s5 : ffffffff8011115c s6 : ffffffffffffffff s7 : ffffffff801110e4
[ 1043.272221][ C1] s8 : ffffaf800cb93860 s9 : ffffaf805a9e7460 s10: ffffaf805a9e7768
[ 1043.273981][ C1] s11: ffffaf805a9e7448 t3 : fffffffff3f3f300 t4 : ffffffff80112282
[ 1043.275660][ C1] t5 : 1ffff5f001972638 t6 : 0000000000040000
[ 1043.276829][ C1] status: 0000000000000100 badaddr: ffffffff8011115c cause: 000000000000000f
[ 1043.278505][ C1] [] hrtimer_interrupt+0x1da/0x3ea
[ 1043.279825][ C1] [] riscv_timer_interrupt+0x5c/0x6a
[ 1043.282925][ T2050] Rebooting in 86400 seconds..
VM DIAGNOSIS:
13:02:30 Registers: