infiniband syz2: set active
infiniband syz0: set active
==================================================================
BUG: KASAN: null-ptr-deref in __seqprop_raw_spinlock_sequence include/linux/seqlock.h:274 [inline]
BUG: KASAN: null-ptr-deref in hrtimer_active+0x4e/0xf8 kernel/time/hrtimer.c:1614
Read of size 4 at addr 0000000000000010 by task syz-executor.0/16762
CPU: 1 PID: 16762 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-g533925cb7604 #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:121
[] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:127
[] __dump_stack lib/dump_stack.c:88 [inline]
[] dump_stack_lvl+0xe0/0x14c lib/dump_stack.c:106
[] print_report+0x4e2/0x4fe mm/kasan/report.c:478
[] kasan_report+0xbc/0x182 mm/kasan/report.c:588
[] check_region_inline mm/kasan/generic.c:180 [inline]
[] __asan_load4+0x80/0xa8 mm/kasan/generic.c:258
[] __seqprop_raw_spinlock_sequence include/linux/seqlock.h:274 [inline]
[] hrtimer_active+0x4e/0xf8 kernel/time/hrtimer.c:1614
[] hrtimer_try_to_cancel kernel/time/hrtimer.c:1331 [inline]
[] hrtimer_cancel+0x18/0x60 kernel/time/hrtimer.c:1446
[] napi_disable+0x138/0x1ba net/core/dev.c:6386
[] veth_napi_del_range+0xa2/0x45e drivers/net/veth.c:1107
[] veth_napi_del drivers/net/veth.c:1127 [inline]
[] veth_set_features drivers/net/veth.c:1589 [inline]
[] veth_set_features+0x146/0x232 drivers/net/veth.c:1567
[] __netdev_update_features+0x582/0x1370 net/core/dev.c:9713
[] netdev_update_features+0x80/0xee net/core/dev.c:9787
[] veth_xdp_set drivers/net/veth.c:1690 [inline]
[] veth_xdp+0x3a6/0x554 drivers/net/veth.c:1703
[] bond_xdp_set drivers/net/bonding/bond_main.c:5624 [inline]
[] bond_xdp+0x22c/0x632 drivers/net/bonding/bond_main.c:5670
[] dev_xdp_install+0xe8/0x20e net/core/dev.c:9103
[] dev_xdp_attach+0x576/0xa46 net/core/dev.c:9255
[] dev_change_xdp_fd+0x21e/0x2bc net/core/dev.c:9501
[] do_setlink+0x215a/0x23ee net/core/rtnetlink.c:3089
[] rtnl_group_changelink net/core/rtnetlink.c:3409 [inline]
[] __rtnl_newlink+0xa3c/0xfdc net/core/rtnetlink.c:3665
[] rtnl_newlink+0x60/0x8c net/core/rtnetlink.c:3702
[] rtnetlink_rcv_msg+0x35e/0xb3c net/core/rtnetlink.c:6424
[] netlink_rcv_skb+0x100/0x2ce net/netlink/af_netlink.c:2549
[] rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:6442
[] netlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline]
[] netlink_unicast+0x410/0x600 net/netlink/af_netlink.c:1365
[] netlink_sendmsg+0x524/0x9f6 net/netlink/af_netlink.c:1914
[] sock_sendmsg_nosec net/socket.c:725 [inline]
[] sock_sendmsg+0xa0/0xf2 net/socket.c:748
[] ____sys_sendmsg+0x51e/0x558 net/socket.c:2494
[] ___sys_sendmsg+0x124/0x1b6 net/socket.c:2548
[] __sys_sendmsg+0xfc/0x1a8 net/socket.c:2577
[] __do_sys_sendmsg net/socket.c:2586 [inline]
[] sys_sendmsg+0x2c/0x3a net/socket.c:2584
[] syscall_handler+0xfa/0x148 arch/riscv/include/asm/syscall.h:90
[] do_trap_ecall_u+0xea/0xec arch/riscv/kernel/traps.c:302
[] ret_from_exception+0x0/0x64 arch/riscv/kernel/entry.S:102
==================================================================