Extracting prog: 1m55.228020172s
Minimizing prog: 20m2.697292325s
Simplifying prog options: 5m41.202127906s
Extracting C: 2m31.183144202s
Simplifying C: 0s
1 programs, 3 VMs, timeouts [15s 1m40s 6m0s]
extracting reproducer from 1 programs
single: executing 1 programs separately with timeout 15s
testing program (duration=15s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program crashed: lost connection to test machine
single: successfully extracted reproducer
found reproducer with 4 syscalls
minimizing guilty program
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
failed to boot instance (try 1): failed to create VM: can't ssh into the instance
failed to run ["ssh" "-p" "44444" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "IdentitiesOnly=yes" "-o" "BatchMode=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "root@localhost" "pwd"]: exit status 255
Connection timed out during banner exchange
Connection to 127.0.0.1 port 44444 timed out
ftruncate: Invalid argument
qemu-system-x86_64: warning: hub 0 is not connected to host network
[ 0.000000][ T0] Linux version 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e (syzkaller@syzkaller) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #0 SMP PREEMPT_DYNAMIC now
[ 0.000000][ T0] Command line: root=/dev/sda console=ttyS0 root=/dev/sda1
[ 0.000000][ T0] KERNEL supported cpus:
[ 0.000000][ T0] Intel GenuineIntel
[ 0.000000][ T0] AMD AuthenticAMD
[ 0.000000][ T0] BIOS-provided physical RAM map:
[ 0.000000][ T0] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000][ T0] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x0000000000100000-0x000000007ffdcfff] usable
[ 0.000000][ T0] BIOS-e820: [mem 0x000000007ffdd000-0x000000007fffffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000][ T0] BIOS-e820: [mem 0x0000000100000000-0x000000017fffffff] usable
[ 0.000000][ T0] printk: legacy bootconsole [earlyser0] enabled
[ 0.000000][ T0] ERROR: earlyprintk= earlyser already used
[ 0.000000][ T0] ERROR: earlyprintk= earlyser already used
[ 0.000000][ T0] **********************************************************
[ 0.000000][ T0] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **
[ 0.000000][ T0] ** **
[ 0.000000][ T0] ** This system shows unhashed kernel memory addresses **
[ 0.000000][ T0] ** via the console, logs, and other interfaces. This **
[ 0.000000][ T0] ** might reduce the security of your system. **
[ 0.000000][ T0] ** **
[ 0.000000][ T0] ** If you see this message and you are not debugging **
[ 0.000000][ T0] ** the kernel, report this immediately to your system **
[ 0.000000][ T0] ** administrator! **
[ 0.000000][ T0] ** **
[ 0.000000][ T0] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **
[ 0.000000][ T0] **********************************************************
[ 0.000000][ T0] Malformed early option 'vsyscall'
[ 0.000000][ T0] nopcid: PCID feature disabled
[ 0.000000][ T0] NX (Execute Disable) protection: active
[ 0.000000][ T0] APIC: Static calls initialized
[ 0.000000][ T0] SMBIOS 3.0.0 present.
[ 0.000000][ T0] DMI: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 0.000000][ T0] DMI: Memory slots populated: 1/1
[ 0.000000][ T0] Hypervisor detected: KVM
[ 0.000000][ T0] kvm-clock: Using msrs 4b564d01 and 4b564d00
[ 0.000005][ T0] kvm-clock: using sched offset of 1909629928 cycles
[ 0.004226][ T0] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[ 0.019311][ T0] tsc: Detected 2600.028 MHz processor
[ 0.037599][ T0] last_pfn = 0x180000 max_arch_pfn = 0x400000000
[ 0.043533][ T0] MTRR map: 4 entries (3 fixed + 1 variable; max 19), built from 8 variable MTRRs
[ 0.051707][ T0] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
[ 0.058868][ T0] last_pfn = 0x7ffdd max_arch_pfn = 0x400000000
[ 0.074379][ T0] found SMP MP-table at [mem 0x000f53c0-0x000f53cf]
[ 0.080055][ T0] Using GB pages for direct mapping
[ 0.088603][ T0] ACPI: Early table checksum verification disabled
[ 0.093649][ T0] ACPI: RSDP 0x00000000000F5190 000014 (v00 BOCHS )
[ 0.098407][ T0] ACPI: RSDT 0x000000007FFE2925 000048 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.104879][ T0] ACPI: FACP 0x000000007FFE1B2C 0000F4 (v03 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.111379][ T0] ACPI: DSDT 0x000000007FFDF040 002AEC (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.117833][ T0] ACPI: FACS 0x000000007FFDF000 000040
[ 0.122188][ T0] ACPI: APIC 0x000000007FFE1C20 0000B0 (v03 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.128919][ T0] ACPI: HPET 0x000000007FFE1CD0 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.136095][ T0] ACPI: SRAT 0x000000007FFE1D08 000178 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.142980][ T0] ACPI: MCFG 0x000000007FFE1E80 00003C (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.150534][ T0] ACPI: DMAR 0x000000007FFE1EBC 0000C0 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.157497][ T0] ACPI: SSDT 0x000000007FFE1F7C 0008A1 (v01 BOCHS NVDIMM 00000001 BXPC 00000001)
[ 0.164203][ T0] ACPI: NFIT 0x000000007FFE281D 0000E0 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.170835][ T0] ACPI: WAET 0x000000007FFE28FD 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.177512][ T0] ACPI: Reserving FACP table memory at [mem 0x7ffe1b2c-0x7ffe1c1f]
[ 0.184150][ T0] ACPI: Reserving DSDT table memory at [mem 0x7ffdf040-0x7ffe1b2b]
[ 0.190756][ T0] ACPI: Reserving FACS table memory at [mem 0x7ffdf000-0x7ffdf03f]
[ 0.197293][ T0] ACPI: Reserving APIC table memory at [mem 0x7ffe1c20-0x7ffe1ccf]
[ 0.203113][ T0] ACPI: Reserving HPET table memory at [mem 0x7ffe1cd0-0x7ffe1d07]
[ 0.208640][ T0] ACPI: Reserving SRAT table memory at [mem 0x7ffe1d08-0x7ffe1e7f]
[ 0.214264][ T0] ACPI: Reserving MCFG table memory at [mem 0x7ffe1e80-0x7ffe1ebb]
[ 0.219739][ T0] ACPI: Reserving DMAR table memory at [mem 0x7ffe1ebc-0x7ffe1f7b]
[ 0.225105][ T0] ACPI: Reserving SSDT table memory at [mem 0x7ffe1f7c-0x7ffe281c]
[ 0.231181][ T0] ACPI: Reserving NFIT table memory at [mem 0x7ffe281d-0x7ffe28fc]
[ 0.237210][ T0] ACPI: Reserving WAET table memory at [mem 0x7ffe28fd-0x7ffe2924]
[ 0.244308][ T0] SRAT: PXM 0 -> APIC 0x00 -> Node 0
[ 0.248793][ T0] SRAT: PXM 0 -> APIC 0x01 -> Node 0
[ 0.253418][ T0] SRAT: PXM 0 -> APIC 0x02 -> Node 0
[ 0.257925][ T0] SRAT: PXM 0 -> APIC 0x03 -> Node 0
[ 0.261872][ T0] SRAT: PXM 0 -> APIC 0x04 -> Node 0
[ 0.265646][ T0] SRAT: PXM 0 -> APIC 0x05 -> Node 0
[ 0.269433][ T0] SRAT: PXM 0 -> APIC 0x06 -> Node 0
[ 0.273580][ T0] SRAT: PXM 0 -> APIC 0x07 -> Node 0
[ 0.277551][ T0] ACPI: SRAT: Node 0 PXM 0 [mem 0x00000000-0x0009ffff]
[ 0.283421][ T0] ACPI: SRAT: Node 0 PXM 0 [mem 0x00100000-0x7fffffff]
[ 0.288649][ T0] ACPI: SRAT: Node 0 PXM 0 [mem 0x100000000-0x17fffffff]
[ 0.293573][ T0] ACPI: SRAT: Node 0 PXM 0 [mem 0x180000000-0x183ffffff] non-volatile
[ 0.299192][ T0] ACPI: SRAT: Node 0 PXM 0 [mem 0x180000000-0x57fffffff] hotplug
[ 0.304551][ T0] NUMA: Node 0 [mem 0x00000000-0x0009ffff] + [mem 0x00100000-0x7fffffff] -> [mem 0x00000000-0x7fffffff]
[ 0.312195][ T0] NUMA: Node 0 [mem 0x00000000-0x7fffffff] + [mem 0x100000000-0x17fffffff] -> [mem 0x00000000-0x17fffffff]
[ 0.320638][ T0] Faking node 0 at [mem 0x0000000000000000-0x00000000ffffffff] (4096MB)
[ 0.326326][ T0] Faking node 1 at [mem 0x0000000100000000-0x000000017fffffff] (2048MB)
[ 0.332301][ T0] NODE_DATA(0) allocated [mem 0x7ffd7000-0x7ffdcfff]
[ 0.336881][ T0] NODE_DATA(1) allocated [mem 0x17fff7000-0x17fffcfff]
[ 0.357629][ T0] Zone ranges:
[ 0.360028][ T0] DMA [mem 0x0000000000001000-0x0000000000ffffff]
[ 0.365063][ T0] DMA32 [mem 0x0000000001000000-0x00000000ffffffff]
[ 0.370082][ T0] Normal [mem 0x0000000100000000-0x000000017fffffff]
[ 0.375537][ T0] Device empty
[ 0.378140][ T0] Movable zone start for each node
[ 0.381858][ T0] Early memory node ranges
[ 0.385028][ T0] node 0: [mem 0x0000000000001000-0x000000000009efff]
[ 0.390142][ T0] node 0: [mem 0x0000000000100000-0x000000007ffdcfff]
[ 0.395954][ T0] node 1: [mem 0x0000000100000000-0x000000017fffffff]
[ 0.402176][ T0] Initmem setup node 0 [mem 0x0000000000001000-0x000000007ffdcfff]
[ 0.408182][ T0] Initmem setup node 1 [mem 0x0000000100000000-0x000000017fffffff]
[ 0.414283][ T0] On node 0, zone DMA: 1 pages in unavailable ranges
[ 0.419003][ T0] On node 0, zone DMA: 97 pages in unavailable ranges
[ 0.467417][ T0] On node 1, zone Normal: 35 pages in unavailable ranges
[ 0.622770][ T0] kasan: KernelAddressSanitizer initialized
[ 0.632604][ T0] ACPI: PM-Timer IO Port: 0x608
[ 0.636181][ T0] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[ 0.641321][ T0] IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
[ 0.646846][ T0] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[ 0.652093][ T0] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[ 0.658130][ T0] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[ 0.664442][ T0] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[ 0.670581][ T0] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[ 0.676568][ T0] ACPI: Using ACPI (MADT) for SMP configuration information
[ 0.682156][ T0] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[ 0.687202][ T0] TSC deadline timer available
[ 0.691205][ T0] CPU topo: Max. logical packages: 2
[ 0.695742][ T0] CPU topo: Max. logical dies: 2
[ 0.700095][ T0] CPU topo: Max. dies per package: 1
[ 0.704521][ T0] CPU topo: Max. threads per core: 2
[ 0.709105][ T0] CPU topo: Num. cores per package: 2
[ 0.713938][ T0] CPU topo: Num. threads per package: 4
[ 0.718694][ T0] CPU topo: Allowing 4 present CPUs plus 4 hotplug CPUs
[ 0.724436][ T0] kvm-guest: APIC: eoi() replaced with kvm_guest_apic_eoi_write()
[ 0.730874][ T0] kvm-guest: KVM setup pv remote TLB flush
[ 0.735618][ T0] kvm-guest: setup PV sched yield
[ 0.739605][ T0] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
[ 0.746759][ T0] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[ 0.752902][ T0] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000effff]
[ 0.758646][ T0] PM: hibernation: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[ 0.764416][ T0] PM: hibernation: Registered nosave memory: [mem 0x7ffdd000-0x7fffffff]
[ 0.770293][ T0] PM: hibernation: Registered nosave memory: [mem 0x80000000-0xafffffff]
[ 0.777401][ T0] PM: hibernation: Registered nosave memory: [mem 0xb0000000-0xbfffffff]
[ 0.784756][ T0] PM: hibernation: Registered nosave memory: [mem 0xc0000000-0xfed1bfff]
[ 0.792212][ T0] PM: hibernation: Registered nosave memory: [mem 0xfed1c000-0xfed1ffff]
[ 0.799190][ T0] PM: hibernation: Registered nosave memory: [mem 0xfed20000-0xfeffbfff]
[ 0.806014][ T0] PM: hibernation: Registered nosave memory: [mem 0xfeffc000-0xfeffffff]
[ 0.813164][ T0] PM: hibernation: Registered nosave memory: [mem 0xff000000-0xfffbffff]
[ 0.819011][ T0] PM: hibernation: Registered nosave memory: [mem 0xfffc0000-0xffffffff]
[ 0.826014][ T0] [mem 0xc0000000-0xfed1bfff] available for PCI devices
[ 0.831712][ T0] Booting paravirtualized kernel on KVM
[ 0.835950][ T0] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 1.061256][ T0] setup_percpu: NR_CPUS:8 nr_cpumask_bits:8 nr_cpu_ids:8 nr_node_ids:2
[ 1.069258][ T0] percpu: Embedded 74 pages/cpu s264648 r8192 d30264 u1048576
[ 1.074666][ T0] kvm-guest: PV spinlocks enabled
[ 1.078077][ T0] PV qspinlock hash table entries: 256 (order: 0, 4096 bytes, linear)
[ 1.083636][ T0] Kernel command line: earlyprintk=serial net.ifnames=0 sysctl.kernel.hung_task_all_cpu_backtrace=1 ima_policy=tcb nf-conntrack-ftp.ports=20000 nf-conntrack-tftp.ports=20000 nf-conntrack-sip.ports=20000 nf-conntrack-irc.ports=20000 nf-conntrack-sane.ports=20000 binder.debug_mask=0 rcupdate.rcu_expedited=1 rcupdate.rcu_cpu_stall_cputime=1 no_hash_pointers page_owner=on sysctl.vm.nr_hugepages=4 sysctl.vm.nr_overcommit_hugepages=4 secretmem.enable=1 sysctl.max_rcu_stall_to_panic=1 msr.allow_writes=off coredump_filter=0xffff root=/dev/sda console=ttyS0 vsyscall=native numa=fake=2 kvm-intel.nested=1 spec_store_bypass_disable=prctl nopcid vivid.n_devs=16 vivid.multiplanar=1,2,1,2,1,2,1,2,1,2,1,2,1,2,1,2 netrom.nr_ndevs=16 rose.rose_ndevs=16 smp.csd_lock_timeout=100000 watchdog_thresh=55 workqueue.watchdog_thresh=140 sysctl.net.core.netdev_unregister_timeout_secs=140 dummy_hcd.num=8 panic_on_warn=1 root=/dev/sda console=ttyS0 root=/dev/sda1
[ 1.148221][ T0] Unknown kernel command line parameters "spec_store_bypass_disable=prctl", will be passed to user space.
[ 1.156295][ T0] random: crng init done
[ 1.159908][ T0] Fallback order for Node 0: 0 1
[ 1.159922][ T0] Fallback order for Node 1: 1 0
[ 1.159935][ T0] Built 2 zonelists, mobility grouping on. Total pages: 1048443
[ 1.171240][ T0] Policy zone: Normal
[ 1.174286][ T0] mem auto-init: stack:all(zero), heap alloc:on, heap free:off
[ 1.179024][ T0] stackdepot: allocating hash table via alloc_large_system_hash
[ 1.184098][ T0] stackdepot hash table entries: 1048576 (order: 12, 16777216 bytes, linear)
[ 1.193796][ T0] software IO TLB: area num 8.
[ 1.558503][ T0] Memory: 3146484K/4193772K available (165888K kernel code, 39318K rwdata, 37248K rodata, 26016K init, 34368K bss, 1047032K reserved, 0K cma-reserved)
[ 1.570301][ T0] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=8, Nodes=2
[ 1.628975][ T0] allocated 83886080 bytes of page_ext
[ 1.632426][ T0] Node 0, zone DMA: page owner found early allocated 0 pages
[ 1.647655][ T0] Node 0, zone DMA32: page owner found early allocated 10355 pages
[ 1.661038][ T0] Node 1, zone Normal: page owner found early allocated 10243 pages
[ 1.668693][ T0] Dynamic Preempt: full
[ 1.674318][ T0] Running RCU self tests
[ 1.677531][ T0] Running RCU synchronous self tests
[ 1.681658][ T0] rcu: Preemptible hierarchical RCU implementation.
[ 1.686770][ T0] rcu: RCU lockdep checking is enabled.
[ 1.691114][ T0] rcu: RCU callback double-/use-after-free debug is enabled.
[ 1.696777][ T0] rcu: RCU debug extended QS entry/exit.
[ 1.701199][ T0] All grace periods are expedited (rcu_expedited).
[ 1.705775][ T0] Trampoline variant of Tasks RCU enabled.
[ 1.709527][ T0] Tracing variant of Tasks RCU enabled.
[ 1.713852][ T0] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies.
[ 1.720721][ T0] Running RCU synchronous self tests
[ 1.724745][ T0] RCU Tasks: Setting shift to 3 and lim to 1 rcu_task_cb_adjust=1.
[ 1.730868][ T0] RCU Tasks Trace: Setting shift to 3 and lim to 1 rcu_task_cb_adjust=1.
[ 1.874756][ T0] NR_IRQS: 4352, nr_irqs: 488, preallocated irqs: 16
[ 1.881273][ T0] rcu: srcu_init: Setting srcu_struct sizes based on contention.
[ 1.887703][ T0] kfence: initialized - using 2097152 bytes for 255 objects at 0xffff88816da00000-0xffff88816dc00000
[ 1.927000][ T0] Console: colour VGA+ 80x25
[ 1.930826][ T0] printk: legacy console [ttyS0] enabled
[ 1.930826][ T0] printk: legacy console [ttyS0] enabled
[ 1.939579][ T0] printk: legacy bootconsole [earlyser0] disabled
[ 1.939579][ T0] printk: legacy bootconsole [earlyser0] disabled
[ 1.949720][ T0] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[ 1.956425][ T0] ... MAX_LOCKDEP_SUBCLASSES: 8
[ 1.960288][ T0] ... MAX_LOCK_DEPTH: 48
[ 1.964172][ T0] ... MAX_LOCKDEP_KEYS: 8192
[ 1.968180][ T0] ... CLASSHASH_SIZE: 4096
[ 1.972206][ T0] ... MAX_LOCKDEP_ENTRIES: 131072
[ 1.976420][ T0] ... MAX_LOCKDEP_CHAINS: 262144
[ 1.980576][ T0] ... CHAINHASH_SIZE: 131072
[ 1.984781][ T0] memory used by lock dependency info: 20721 kB
[ 1.989685][ T0] memory used for stack traces: 8320 kB
[ 1.994052][ T0] per task-struct memory footprint: 1920 bytes
[ 1.999170][ T0] mempolicy: Enabling automatic NUMA balancing. Configure with numa_balancing= or the kernel.numa_balancing sysctl
[ 2.008532][ T0] ACPI: Core revision 20240322
[ 2.014355][ T0] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
[ 2.023208][ T0] APIC: Switch to symmetric I/O mode setup
[ 2.027731][ T0] DMAR: Host address width 39
[ 2.031404][ T0] DMAR: DRHD base: 0x000000fed90000 flags: 0x0
[ 2.036851][ T0] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap d2008c22260206 ecap f00f5e
[ 2.043862][ T0] DMAR: ATSR flags: 0x1
[ 2.047134][ T0] DMAR-IR: IOAPIC id 0 under DRHD base 0xfed90000 IOMMU 0
[ 2.052896][ T0] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping.
[ 2.064894][ T0] DMAR-IR: Enabled IRQ remapping in x2apic mode
[ 2.069746][ T0] x2apic enabled
[ 2.073286][ T0] APIC: Switched APIC routing to: cluster x2apic
[ 2.078388][ T0] kvm-guest: APIC: send_IPI_mask() replaced with kvm_send_ipi_mask()
[ 2.084850][ T0] kvm-guest: APIC: send_IPI_mask_allbutself() replaced with kvm_send_ipi_mask_allbutself()
[ 2.092322][ T0] kvm-guest: setup PV IPIs
[ 2.109189][ T0] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[ 2.113851][ T0] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x257a5699b94, max_idle_ns: 440795293402 ns
[ 2.121528][ T0] Calibrating delay loop (skipped) preset value.. 5200.05 BogoMIPS (lpj=26000280)
[ 2.132560][ T0] x86/cpu: User Mode Instruction Prevention (UMIP) activated
[ 2.142344][ T0] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[ 2.146500][ T0] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[ 2.151588][ T0] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[ 2.158763][ T0] Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks!
[ 2.161537][ T0] Spectre V2 : Spectre BHI mitigation: SW BHB clearing on vm exit
[ 2.171523][ T0] Spectre V2 : Spectre BHI mitigation: SW BHB clearing on syscall
[ 2.177388][ T0] Spectre V2 : Mitigation: Enhanced / Automatic IBRS
[ 2.181524][ T0] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 2.191524][ T0] Spectre V2 : Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT
[ 2.197828][ T0] Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier
[ 2.201609][ T0] Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl
[ 2.211580][ T0] MMIO Stale Data: Vulnerable: Clear CPU buffers attempted, no microcode
[ 2.217256][ T0] GDS: Unknown: Dependent on hypervisor status
[ 2.221734][ T0] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[ 2.227630][ T0] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[ 2.231525][ T0] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[ 2.236476][ T0] x86/fpu: Supporting XSAVE feature 0x020: 'AVX-512 opmask'
[ 2.241524][ T0] x86/fpu: Supporting XSAVE feature 0x040: 'AVX-512 Hi256'
[ 2.246509][ T0] x86/fpu: Supporting XSAVE feature 0x080: 'AVX-512 ZMM_Hi256'
[ 2.251525][ T0] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
[ 2.256355][ T0] x86/fpu: xstate_offset[5]: 832, xstate_sizes[5]: 64
[ 2.261524][ T0] x86/fpu: xstate_offset[6]: 896, xstate_sizes[6]: 512
[ 2.266434][ T0] x86/fpu: xstate_offset[7]: 1408, xstate_sizes[7]: 1024
[ 2.271524][ T0] x86/fpu: Enabled xstate features 0xe7, context size is 2432 bytes, using 'compacted' format.
[ 2.499575][ T0] Freeing SMP alternatives memory: 120K
[ 2.501528][ T0] pid_max: default: 32768 minimum: 301
[ 2.505857][ T0] LSM: initializing lsm=lockdown,capability,landlock,yama,safesetid,tomoyo,selinux,ima,evm
[ 2.511707][ T0] landlock: Up and running.
[ 2.514856][ T0] Yama: becoming mindful.
[ 2.521569][ T0] TOMOYO Linux initialized
[ 2.524713][ T0] SELinux: Initializing.
[ 2.531235][ T0] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, vmalloc hugepage)
[ 2.545633][ T0] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, vmalloc)
[ 2.551789][ T0] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, vmalloc)
[ 2.557137][ T0] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, vmalloc)
[ 2.566847][ T0] Running RCU synchronous self tests
[ 2.570183][ T0] Running RCU synchronous self tests
[ 2.572741][ T1] smpboot: CPU0: Intel(R) Xeon(R) CPU @ 2.60GHz (family: 0x6, model: 0x6a, stepping: 0x6)
[ 2.594357][ T1] Running RCU Tasks wait API self tests
[ 2.598207][ T1] Running RCU Tasks Trace wait API self tests
[ 2.601652][ T1] Performance Events: unsupported p6 CPU model 106 no PMU driver, software events only.
[ 2.607810][ T1] signal: max sigframe size: 3632
[ 2.612095][ T1] rcu: Hierarchical SRCU implementation.
[ 2.615618][ T1] rcu: Max phase no-delay instances is 1000.
[ 2.621963][ T15] Callback from call_rcu_tasks_trace() invoked.
[ 2.634992][ T1] NMI watchdog: Perf NMI watchdog permanently disabled
[ 2.651601][ T1] smp: Bringing up secondary CPUs ...
[ 2.657294][ T1] smpboot: x86: Booting SMP configuration:
[ 2.660585][ T1] .... node #0, CPUs: #2
[ 2.664467][ T1] #1 #3
[ 2.683866][ T1] MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details.
[ 2.691905][ T1] smp: Brought up 2 nodes, 4 CPUs
[ 2.694514][ T1] smpboot: Total of 4 processors activated (20800.22 BogoMIPS)
[ 2.704714][ T1] devtmpfs: initialized
[ 2.706321][ T1] x86/mm: Memory block size: 128MB
[ 2.767758][ T1] Running RCU synchronous self tests
[ 2.771605][ T1] Running RCU synchronous self tests
[ 2.775479][ T1] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 2.782696][ T1] futex hash table entries: 2048 (order: 6, 262144 bytes, vmalloc)
[ 2.794280][ T1] PM: RTC time: 06:30:33, date: 2024-07-04
[ 2.801682][ T1] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[ 2.811965][ T14] Callback from call_rcu_tasks() invoked.
[ 2.816207][ T1] audit: initializing netlink subsys (disabled)
[ 2.828261][ T39] audit: type=2000 audit(1720074634.491:1): state=initialized audit_enabled=0 res=1
[ 2.832068][ T1] thermal_sys: Registered thermal governor 'step_wise'
[ 2.837646][ T1] thermal_sys: Registered thermal governor 'user_space'
[ 2.841538][ T1] cpuidle: using governor menu
[ 2.845387][ T1] NET: Registered PF_QIPCRTR protocol family
[ 2.858387][ T1] dca service started, version 1.12.1
[ 2.862197][ T1] PCI: ECAM [mem 0xb0000000-0xbfffffff] (base 0xb0000000) for domain 0000 [bus 00-ff]
[ 2.869003][ T1] PCI: ECAM [mem 0xb0000000-0xbfffffff] reserved as E820 entry
[ 3.007532][ T1] PCI: Using configuration type 1 for base access
[ 3.032675][ T1] HugeTLB: registered 1.00 GiB page size, pre-allocated 0 pages
[ 3.035909][ T1] HugeTLB: 16380 KiB vmemmap can be freed for a 1.00 GiB page
[ 3.041540][ T1] HugeTLB: registered 2.00 MiB page size, pre-allocated 0 pages
[ 3.045804][ T1] HugeTLB: 28 KiB vmemmap can be freed for a 2.00 MiB page
[ 3.056680][ T1] Demotion targets for Node 0: null
[ 3.056680][ T1] Demotion targets for Node 1: null
[ 3.062694][ T1] cryptd: max_cpu_qlen set to 1000
[ 3.073336][ T1] raid6: skipped pq benchmark and selected avx512x4
[ 3.077101][ T1] raid6: using avx512x2 recovery algorithm
[ 3.077101][ T1] ACPI: Added _OSI(Module Device)
[ 3.079270][ T1] ACPI: Added _OSI(Processor Device)
[ 3.081660][ T1] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 3.084781][ T1] ACPI: Added _OSI(Processor Aggregator Device)
[ 3.230237][ T1] ACPI: 2 ACPI AML tables successfully acquired and loaded
[ 3.252477][ T1] ACPI: _OSC evaluation for CPUs failed, trying _PDC
[ 3.273771][ T1] ACPI: Interpreter enabled
[ 3.277026][ T1] ACPI: PM: (supports S0 S3 S4 S5)
[ 3.280614][ T1] ACPI: Using IOAPIC for interrupt routing
[ 3.282660][ T1] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[ 3.291544][ T1] PCI: Using E820 reservations for host bridge windows
[ 3.305868][ T1] ACPI: Enabled 4 GPEs in block 00 to 3F
[ 3.543496][ T1] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[ 3.547697][ T1] acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3]
[ 3.555770][ T1] acpi PNP0A08:00: _OSC: platform does not support [PCIeHotplug LTR]
[ 3.567665][ T1] acpi PNP0A08:00: _OSC: OS now controls [PME AER PCIeCapability]
[ 3.573950][ T1] PCI host bridge to bus 0000:00
[ 3.576763][ T1] pci_bus 0000:00: Unknown NUMA node; performance will be reduced
[ 3.581242][ T1] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 3.581548][ T1] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
[ 3.586023][ T1] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 3.591572][ T1] pci_bus 0000:00: root bus resource [mem 0x80000000-0xafffffff window]
[ 3.597469][ T1] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window]
[ 3.611552][ T1] pci_bus 0000:00: root bus resource [mem 0x380000000000-0x38080000bfff window]
[ 3.616584][ T1] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 3.620961][ T1] pci 0000:00:00.0: [8086:29c0] type 00 class 0x060000 conventional PCI endpoint
[ 3.628504][ T1] pci 0000:00:01.0: [1af4:1050] type 00 class 0x030000 conventional PCI endpoint
[ 3.636699][ T1] pci 0000:00:01.0: BAR 0 [mem 0xfe000000-0xfe7fffff pref]
[ 3.646677][ T1] pci 0000:00:01.0: BAR 2 [mem 0x380800000000-0x380800003fff 64bit pref]
[ 3.654414][ T1] pci 0000:00:01.0: BAR 4 [mem 0xfeaf4000-0xfeaf4fff]
[ 3.663025][ T1] pci 0000:00:01.0: ROM [mem 0xfeae0000-0xfeaeffff pref]
[ 3.668242][ T1] pci 0000:00:01.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[ 3.688354][ T1] pci 0000:00:02.0: [8086:10d3] type 00 class 0x020000 PCIe Root Complex Integrated Endpoint
[ 3.693545][ T1] pci 0000:00:02.0: BAR 0 [mem 0xfea80000-0xfea9ffff]
[ 3.699379][ T1] pci 0000:00:02.0: BAR 1 [mem 0xfeaa0000-0xfeabffff]
[ 3.703234][ T1] pci 0000:00:02.0: BAR 2 [io 0xc080-0xc09f]
[ 3.708333][ T1] pci 0000:00:02.0: BAR 3 [mem 0xfeaf0000-0xfeaf3fff]
[ 3.718377][ T1] pci 0000:00:02.0: ROM [mem 0xfea00000-0xfea3ffff pref]
[ 3.739911][ T1] pci 0000:00:03.0: [1af4:1005] type 00 class 0x00ff00 conventional PCI endpoint
[ 3.743295][ T1] pci 0000:00:03.0: BAR 0 [io 0xc0a0-0xc0bf]
[ 3.749434][ T1] pci 0000:00:03.0: BAR 1 [mem 0xfeaf5000-0xfeaf5fff]
[ 3.764835][ T1] pci 0000:00:03.0: BAR 4 [mem 0x380800004000-0x380800007fff 64bit pref]
[ 3.783260][ T1] pci 0000:00:04.0: [8086:3420] type 01 class 0x060400 PCIe Root Port
[ 3.794963][ T1] pci 0000:00:04.0: PCI bridge to [bus 01]
[ 3.799339][ T1] pci 0000:00:04.0: bridge window [mem 0xfe800000-0xfe9fffff]
[ 3.802758][ T1] pci 0000:00:04.0: bridge window [mem 0x380000000000-0x3807ffffffff 64bit pref]
[ 3.819729][ T1] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200 conventional PCI endpoint
[ 3.834233][ T1] pci 0000:00:05.0: BAR 0 [io 0xc0c0-0xc0df]
[ 3.841282][ T1] pci 0000:00:05.0: BAR 1 [mem 0xfeaf6000-0xfeaf6fff]
[ 3.848135][ T1] pci 0000:00:05.0: BAR 4 [mem 0x380800008000-0x38080000bfff 64bit pref]
[ 3.865230][ T1] pci 0000:00:06.0: [8086:100e] type 00 class 0x020000 conventional PCI endpoint
[ 3.872472][ T1] pci 0000:00:06.0: BAR 0 [mem 0xfeac0000-0xfeadffff]
[ 3.878447][ T1] pci 0000:00:06.0: BAR 1 [io 0xc000-0xc03f]
[ 3.889092][ T1] pci 0000:00:06.0: ROM [mem 0xfea40000-0xfea7ffff pref]
[ 3.907112][ T1] pci 0000:00:1d.0: [8086:2934] type 00 class 0x0c0300 conventional PCI endpoint
[ 3.916943][ T1] pci 0000:00:1d.0: BAR 4 [io 0xc0e0-0xc0ff]
[ 3.928591][ T1] pci 0000:00:1d.1: [8086:2935] type 00 class 0x0c0300 conventional PCI endpoint
[ 3.936028][ T1] pci 0000:00:1d.1: BAR 4 [io 0xc100-0xc11f]
[ 3.945178][ T1] pci 0000:00:1d.2: [8086:2936] type 00 class 0x0c0300 conventional PCI endpoint
[ 3.954416][ T1] pci 0000:00:1d.2: BAR 4 [io 0xc120-0xc13f]
[ 3.965035][ T1] pci 0000:00:1d.7: [8086:293a] type 00 class 0x0c0320 conventional PCI endpoint
[ 3.971079][ T1] pci 0000:00:1d.7: BAR 0 [mem 0xfeaf7000-0xfeaf7fff]
[ 3.979283][ T1] pci 0000:00:1f.0: [8086:2918] type 00 class 0x060100 conventional PCI endpoint
[ 3.994289][ T1] pci 0000:00:1f.0: quirk: [io 0x0600-0x067f] claimed by ICH6 ACPI/GPIO/TCO
[ 4.003528][ T1] pci 0000:00:1f.2: [8086:2922] type 00 class 0x010601 conventional PCI endpoint
[ 4.017719][ T1] pci 0000:00:1f.2: BAR 4 [io 0xc140-0xc15f]
[ 4.022757][ T1] pci 0000:00:1f.2: BAR 5 [mem 0xfeaf8000-0xfeaf8fff]
[ 4.029365][ T1] pci 0000:00:1f.3: [8086:2930] type 00 class 0x0c0500 conventional PCI endpoint
[ 4.048582][ T1] pci 0000:00:1f.3: BAR 4 [io 0x0700-0x073f]
[ 4.059225][ T1] pci 0000:00:04.0: PCI bridge to [bus 01]
[ 4.078288][ T1] ACPI: PCI: Interrupt link LNKA configured for IRQ 10
[ 4.085905][ T1] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
[ 4.093789][ T1] ACPI: PCI: Interrupt link LNKC configured for IRQ 11
[ 4.101579][ T1] ACPI: PCI: Interrupt link LNKD configured for IRQ 11
[ 4.109913][ T1] ACPI: PCI: Interrupt link LNKE configured for IRQ 10
[ 4.121952][ T1] ACPI: PCI: Interrupt link LNKF configured for IRQ 10
[ 4.126517][ T1] ACPI: PCI: Interrupt link LNKG configured for IRQ 11
[ 4.133101][ T1] ACPI: PCI: Interrupt link LNKH configured for IRQ 11
[ 4.138407][ T1] ACPI: PCI: Interrupt link GSIA configured for IRQ 16
[ 4.142067][ T1] ACPI: PCI: Interrupt link GSIB configured for IRQ 17
[ 4.146422][ T1] ACPI: PCI: Interrupt link GSIC configured for IRQ 18
[ 4.150918][ T1] ACPI: PCI: Interrupt link GSID configured for IRQ 19
[ 4.152056][ T1] ACPI: PCI: Interrupt link GSIE configured for IRQ 20
[ 4.156439][ T1] ACPI: PCI: Interrupt link GSIF configured for IRQ 21
[ 4.160833][ T1] ACPI: PCI: Interrupt link GSIG configured for IRQ 22
[ 4.172027][ T1] ACPI: PCI: Interrupt link GSIH configured for IRQ 23
[ 4.213495][ T1] iommu: Default domain type: Translated
[ 4.215487][ T1] iommu: DMA domain TLB invalidation policy: lazy mode
[ 4.228978][ T1] SCSI subsystem initialized
[ 4.234153][ T1] ACPI: bus type USB registered
[ 4.241588][ T1] usbcore: registered new interface driver usbfs
[ 4.241927][ T1] usbcore: registered new interface driver hub
[ 4.246868][ T1] usbcore: registered new device driver usb
[ 4.253885][ T1] mc: Linux media interface: v0.10
[ 4.257941][ T1] videodev: Linux video capture interface: v2.00
[ 4.272696][ T1] pps_core: LinuxPPS API ver. 1 registered
[ 4.276955][ T1] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[ 4.281690][ T1] PTP clock support registered
[ 4.286152][ T1] EDAC MC: Ver: 3.0.0
[ 4.294950][ T1] Advanced Linux Sound Architecture Driver Initialized.
[ 4.308744][ T1] Bluetooth: Core ver 2.22
[ 4.311914][ T1] NET: Registered PF_BLUETOOTH protocol family
[ 4.316176][ T1] Bluetooth: HCI device and connection manager initialized
[ 4.321137][ T1] Bluetooth: HCI socket layer initialized
[ 4.321560][ T1] Bluetooth: L2CAP socket layer initialized
[ 4.325763][ T1] Bluetooth: SCO socket layer initialized
[ 4.329862][ T1] NET: Registered PF_ATMPVC protocol family
[ 4.341547][ T1] NET: Registered PF_ATMSVC protocol family
[ 4.346223][ T1] NetLabel: Initializing
[ 4.349170][ T1] NetLabel: domain hash size = 128
[ 4.351536][ T1] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
[ 4.356689][ T1] NetLabel: unlabeled traffic allowed by default
[ 4.364408][ T1] nfc: nfc_init: NFC Core ver 0.1
[ 4.368447][ T1] NET: Registered PF_NFC protocol family
[ 4.371656][ T1] PCI: Using ACPI for IRQ routing
[ 4.822225][ T1] pci 0000:00:01.0: vgaarb: setting as boot VGA device
[ 4.827094][ T1] pci 0000:00:01.0: vgaarb: bridge control possible
[ 4.831515][ T1] pci 0000:00:01.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
[ 4.831570][ T1] vgaarb: loaded
[ 4.839266][ T1] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
[ 4.851536][ T1] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
[ 4.861692][ T1] clocksource: Switched to clocksource kvm-clock
[ 4.876700][ T1] VFS: Disk quotas dquot_6.6.0
[ 4.880389][ T1] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 4.890814][ T1] netfs: FS-Cache loaded
[ 4.911324][ T1] CacheFiles: Loaded
[ 4.914947][ T1] TOMOYO: 2.6.0
[ 4.917426][ T1] Mandatory Access Control activated.
[ 4.922449][ T1] pnp: PnP ACPI init
[ 4.935650][ T1] system 00:06: [mem 0xb0000000-0xbfffffff window] has been reserved
[ 4.965612][ T1] pnp: PnP ACPI: found 7 devices
[ 5.023825][ T1] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[ 5.031939][ T1] NET: Registered PF_INET protocol family
[ 5.038852][ T1] IP idents hash table entries: 65536 (order: 7, 524288 bytes, vmalloc)
[ 5.052781][ T1] tcp_listen_portaddr_hash hash table entries: 2048 (order: 5, 147456 bytes, vmalloc)
[ 5.060694][ T1] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, vmalloc)
[ 5.068040][ T1] TCP established hash table entries: 32768 (order: 6, 262144 bytes, vmalloc)
[ 5.080246][ T1] TCP bind hash table entries: 32768 (order: 10, 4718592 bytes, vmalloc hugepage)
[ 5.087414][ T1] TCP: Hash tables configured (established 32768 bind 32768)
[ 5.094564][ T1] MPTCP token hash table entries: 4096 (order: 6, 360448 bytes, vmalloc)
[ 5.100378][ T1] UDP hash table entries: 2048 (order: 6, 327680 bytes, vmalloc)
[ 5.105798][ T1] UDP-Lite hash table entries: 2048 (order: 6, 327680 bytes, vmalloc)
[ 5.111464][ T1] NET: Registered PF_UNIX/PF_LOCAL protocol family
[ 5.117654][ T1] RPC: Registered named UNIX socket transport module.
[ 5.121757][ T1] RPC: Registered udp transport module.
[ 5.125884][ T1] RPC: Registered tcp transport module.
[ 5.129779][ T1] RPC: Registered tcp-with-tls transport module.
[ 5.134323][ T1] RPC: Registered tcp NFSv4.1 backchannel transport module.
[ 5.143381][ T1] NET: Registered PF_XDP protocol family
[ 5.146968][ T1] pci 0000:00:04.0: bridge window [io 0x1000-0x0fff] to [bus 01] add_size 1000
[ 5.153441][ T1] pci 0000:00:04.0: bridge window [io 0x1000-0x1fff]: assigned
[ 5.158917][ T1] pci 0000:00:04.0: PCI bridge to [bus 01]
[ 5.162588][ T1] pci 0000:00:04.0: bridge window [io 0x1000-0x1fff]
[ 5.168090][ T1] pci 0000:00:04.0: bridge window [mem 0xfe800000-0xfe9fffff]
[ 5.173618][ T1] pci 0000:00:04.0: bridge window [mem 0x380000000000-0x3807ffffffff 64bit pref]
[ 5.181073][ T1] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
[ 5.185830][ T1] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
[ 5.190978][ T1] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
[ 5.196348][ T1] pci_bus 0000:00: resource 7 [mem 0x80000000-0xafffffff window]
[ 5.201081][ T1] pci_bus 0000:00: resource 8 [mem 0xc0000000-0xfebfffff window]
[ 5.206021][ T1] pci_bus 0000:00: resource 9 [mem 0x380000000000-0x38080000bfff window]
[ 5.210854][ T1] pci_bus 0000:01: resource 0 [io 0x1000-0x1fff]
[ 5.215417][ T1] pci_bus 0000:01: resource 1 [mem 0xfe800000-0xfe9fffff]
[ 5.219936][ T1] pci_bus 0000:01: resource 2 [mem 0x380000000000-0x3807ffffffff 64bit pref]
[ 5.259524][ T1] ACPI: \_SB_.GSIA: Enabled at IRQ 16
[ 5.299489][ T1] pci 0000:00:1d.0: quirk_usb_early_handoff+0x0/0x1440 took 71878 usecs
[ 5.348121][ T1] ACPI: \_SB_.GSIB: Enabled at IRQ 17
[ 5.397660][ T1] pci 0000:00:1d.1: quirk_usb_early_handoff+0x0/0x1440 took 90738 usecs
[ 5.426830][ T1] ACPI: \_SB_.GSIC: Enabled at IRQ 18
[ 5.455344][ T1] pci 0000:00:1d.2: quirk_usb_early_handoff+0x0/0x1440 took 51709 usecs
[ 5.484762][ T1] ACPI: \_SB_.GSID: Enabled at IRQ 19
[ 5.513209][ T1] pci 0000:00:1d.7: quirk_usb_early_handoff+0x0/0x1440 took 51882 usecs
[ 5.518483][ T1] PCI: CLS 0 bytes, default 64
[ 5.521664][ T1] DMAR: No RMRR found
[ 5.524000][ T1] DMAR: No SATC found
[ 5.526299][ T1] DMAR: dmar0: Using Queued invalidation
[ 5.532006][ T1] pci 0000:00:00.0: Adding to iommu group 0
[ 5.532998][ T74] kworker/u32:1 (74) used greatest stack depth: 27952 bytes left
[ 5.535799][ T1] pci 0000:00:01.0: Adding to iommu group 1
[ 5.544021][ T1] pci 0000:00:02.0: Adding to iommu group 2
[ 5.547624][ T1] pci 0000:00:03.0: Adding to iommu group 3
[ 5.551170][ T1] pci 0000:00:04.0: Adding to iommu group 4
[ 5.554944][ T1] pci 0000:00:05.0: Adding to iommu group 5
[ 5.558468][ T1] pci 0000:00:06.0: Adding to iommu group 6
[ 5.562164][ T1] pci 0000:00:1d.0: Adding to iommu group 7
[ 5.565736][ T1] pci 0000:00:1d.1: Adding to iommu group 7
[ 5.569214][ T1] pci 0000:00:1d.2: Adding to iommu group 7
[ 5.572694][ T1] pci 0000:00:1d.7: Adding to iommu group 7
[ 5.576919][ T1] pci 0000:00:1f.0: Adding to iommu group 8
[ 5.581270][ T1] pci 0000:00:1f.2: Adding to iommu group 8
[ 5.585648][ T1] pci 0000:00:1f.3: Adding to iommu group 8
[ 5.635235][ T1] DMAR: Intel(R) Virtualization Technology for Directed I/O
[ 5.640482][ T1] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
[ 5.645942][ T1] software IO TLB: mapped [mem 0x0000000067000000-0x000000006b000000] (64MB)
[ 5.652368][ T1] ACPI: bus type thunderbolt registered
[ 5.662288][ T1] RAPL PMU: API unit is 2^-32 Joules, 0 fixed counters, 10737418240 ms ovfl timer
[ 5.714742][ T1] kvm_amd: CPU 2 isn't AMD or Hygon
[ 5.718471][ T1] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x257a5699b94, max_idle_ns: 440795293402 ns
[ 5.725110][ T1] clocksource: Switched to clocksource tsc
[ 5.767811][ T99] kworker/u32:1 (99) used greatest stack depth: 26960 bytes left
[ 6.545104][ T1] Initialise system trusted keyrings
[ 6.549678][ T1] workingset: timestamp_bits=40 max_order=20 bucket_order=0
[ 6.557763][ T1] DLM installed
[ 6.562472][ T1] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 6.570081][ T1] NFS: Registering the id_resolver key type
[ 6.573585][ T1] Key type id_resolver registered
[ 6.576647][ T1] Key type id_legacy registered
[ 6.579597][ T1] nfs4filelayout_init: NFSv4 File Layout Driver Registering...
[ 6.584132][ T1] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering...
[ 6.598128][ T1] Key type cifs.spnego registered
[ 6.601797][ T1] Key type cifs.idmap registered
[ 6.605266][ T1] ntfs3: Enabled Linux POSIX ACLs support
[ 6.608668][ T1] ntfs3: Read-only LZX/Xpress compression included
[ 6.612768][ T1] efs: 1.0a - http://aeschi.ch.eu.org/efs/
[ 6.616168][ T1] jffs2: version 2.2. (NAND) (SUMMARY) © 2001-2006 Red Hat, Inc.
[ 6.623665][ T1] romfs: ROMFS MTD (C) 2007 Red Hat, Inc.
[ 6.627186][ T1] QNX4 filesystem 0.2.3 registered.
[ 6.630497][ T1] qnx6: QNX6 filesystem 1.0.0 registered.
[ 6.634409][ T1] fuse: init (API version 7.40)
[ 6.639390][ T1] orangefs_debugfs_init: called with debug mask: :none: :0:
[ 6.644499][ T1] orangefs_init: module version upstream loaded
[ 6.649990][ T1] JFS: nTxBlock = 8192, nTxLock = 65536
[ 6.679333][ T1] SGI XFS with ACLs, security attributes, realtime, quota, no debug enabled
[ 6.688066][ T1] 9p: Installing v9fs 9p2000 file system support
[ 6.693042][ T1] NILFS version 2 loaded
[ 6.695742][ T1] befs: version: 0.9.3
[ 6.698929][ T1] ocfs2: Registered cluster interface o2cb
[ 6.703708][ T1] ocfs2: Registered cluster interface user
[ 6.707816][ T1] OCFS2 User DLM kernel interface loaded
[ 6.724000][ T1] gfs2: GFS2 installed
[ 6.735929][ T1] ceph: loaded (mds proto 32)
[ 6.777413][ T1] NET: Registered PF_ALG protocol family
[ 6.781867][ T1] xor: automatically using best checksumming function avx
[ 6.787902][ T1] async_tx: api initialized (async)
[ 6.791865][ T1] Key type asymmetric registered
[ 6.795751][ T1] Asymmetric key parser 'x509' registered
[ 6.800012][ T1] Asymmetric key parser 'pkcs8' registered
[ 6.804236][ T1] Key type pkcs7_test registered
[ 6.808169][ T1] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 239)
[ 6.815057][ T1] io scheduler mq-deadline registered
[ 6.818951][ T1] io scheduler kyber registered
[ 6.822533][ T1] io scheduler bfq registered
[ 6.881899][ T1] ACPI: \_SB_.GSIE: Enabled at IRQ 20
[ 6.894990][ T1] pcieport 0000:00:04.0: PME: Signaling with IRQ 25
[ 6.904466][ T1] pcieport 0000:00:04.0: AER: enabled with IRQ 26
[ 6.914206][ T1] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[ 6.921208][ T1] ACPI: button: Power Button [PWRF]
[ 7.388629][ T1] ioatdma: Intel(R) QuickData Technology Driver 5.00
[ 7.448767][ T1] ACPI: \_SB_.GSIF: Enabled at IRQ 21
[ 7.513658][ T1] ACPI: \_SB_.GSIH: Enabled at IRQ 23
[ 7.966027][ T1] N_HDLC line discipline registered with maxframe=4096
[ 7.971286][ T1] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[ 7.981575][ T1] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[ 8.028572][ T1] Non-volatile memory driver v1.3
[ 8.039962][ T1] Linux agpgart interface v0.103
[ 8.047171][ T1] ACPI: bus type drm_connector registered
[ 8.054925][ T1] [drm] Initialized vgem 1.0.0 20120112 for vgem on minor 0
[ 8.066632][ T1] [drm] Initialized vkms 1.0.0 20180514 for vkms on minor 1
[ 8.175561][ T1] Console: switching to colour frame buffer device 128x48
[ 8.199469][ T1] platform vkms: [drm] fb0: vkmsdrmfb frame buffer device
[ 8.205708][ T1] usbcore: registered new interface driver udl
[ 8.211252][ T1] [drm] pci: virtio-vga detected at 0000:00:01.0
[ 8.216048][ T1] virtio-pci 0000:00:01.0: vgaarb: deactivate vga console
[ 8.222801][ T1] [drm] features: -virgl +edid -resource_blob -host_visible
[ 8.222816][ T1] [drm] features: -context_init
[ 8.240824][ T1] [drm] number of scanouts: 1
[ 8.244384][ T1] [drm] number of cap sets: 0
[ 8.256295][ T1] [drm] Initialized virtio_gpu 0.1.0 0 for 0000:00:01.0 on minor 2
[ 8.323614][ T1] fbcon: virtio_gpudrmfb (fb1) is primary device
[ 8.323638][ T1] fbcon: Remapping primary device, fb1, to tty 1-63
[ 286.674463][ T40] INFO: task swapper/0:1 blocked for more than 143 seconds.
[ 286.674491][ T40] Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[ 286.674503][ T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.674510][ T40] task:swapper/0 state:D stack:22256 pid:1 tgid:1 ppid:0 flags:0x00004000
[ 286.674539][ T40] Call Trace:
[ 286.674546][ T40] <TASK>
[ 286.674555][ T40] __schedule+0xf15/0x5d00
[ 286.674626][ T40] ? __pfx___lock_acquire+0x10/0x10
[ 286.674652][ T40] ? __pfx___lock_acquire+0x10/0x10
[ 286.674679][ T40] ? __pfx___schedule+0x10/0x10
[ 286.674697][ T40] ? schedule+0x298/0x350
[ 286.674716][ T40] ? __pfx_lock_release+0x10/0x10
[ 286.674756][ T40] ? __ww_mutex_lock.constprop.0+0xf50/0x2650
[ 286.674778][ T40] ? __mutex_trylock_common+0x78/0x250
[ 286.674796][ T40] schedule+0xe7/0x350
[ 286.674807][ T40] schedule_preempt_disabled+0x13/0x30
[ 286.674819][ T40] __ww_mutex_lock.constprop.0+0xf55/0x2650
[ 286.674833][ T40] ? ret_from_fork+0x45/0x80
[ 286.674848][ T40] ? ret_from_fork_asm+0x1a/0x30
[ 286.674863][ T40] ? modeset_lock+0x488/0x6c0
[ 286.674876][ T40] ? __pfx___ww_mutex_lock.constprop.0+0x10/0x10
[ 286.674890][ T40] ? __pfx___might_resched+0x10/0x10
[ 286.674902][ T40] ? ww_mutex_lock+0x37/0x140
[ 286.674919][ T40] ww_mutex_lock+0x37/0x140
[ 286.674932][ T40] modeset_lock+0x488/0x6c0
[ 286.674945][ T40] drm_modeset_lock+0x59/0x90
[ 286.674959][ T40] drm_atomic_get_plane_state+0x19d/0x590
[ 286.674976][ T40] drm_client_modeset_commit_atomic+0x246/0x810
[ 286.674992][ T40] ? trace_contention_end+0xea/0x140
[ 286.675003][ T40] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 286.675019][ T40] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 286.675033][ T40] drm_client_modeset_commit_locked+0x14d/0x580
[ 286.675049][ T40] drm_fb_helper_pan_display+0x2a5/0x990
[ 286.675063][ T40] fb_pan_display+0x477/0x7d0
[ 286.675077][ T40] ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[ 286.675090][ T40] bit_update_start+0x49/0x1f0
[ 286.675103][ T40] fbcon_switch+0xbbf/0x12f0
[ 286.675115][ T40] ? __pfx_fbcon_switch+0x10/0x10
[ 286.675128][ T40] ? __pfx_bit_cursor+0x10/0x10
[ 286.675141][ T40] ? fbcon_cursor+0x3bf/0x520
[ 286.675153][ T40] ? is_console_locked+0x9/0x20
[ 286.675167][ T40] ? con_is_visible+0x65/0x150
[ 286.675183][ T40] redraw_screen+0x2bf/0x760
[ 286.675194][ T40] ? fbcon_prepare_logo+0x8e5/0xc70
[ 286.675206][ T40] ? __pfx_redraw_screen+0x10/0x10
[ 286.675218][ T40] ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 286.675230][ T40] set_con2fb_map+0x796/0x1060
[ 286.675244][ T40] fbcon_fb_registered+0x21d/0x6a0
[ 286.675257][ T40] ? fb_var_to_videomode+0x4c9/0x690
[ 286.675272][ T40] register_framebuffer+0x485/0x840
[ 286.675286][ T40] ? __pfx_register_framebuffer+0x10/0x10
[ 286.675301][ T40] ? drm_fbdev_generic_helper_fb_probe+0x49e/0x680
[ 286.675318][ T40] __drm_fb_helper_initial_config_and_unlock+0xd56/0x1620
[ 286.675333][ T40] ? __pfx___mutex_lock+0x10/0x10
[ 286.675346][ T40] ? __pfx___drm_fb_helper_initial_config_and_unlock+0x10/0x10
[ 286.675360][ T40] drm_fb_helper_initial_config+0x44/0x60
[ 286.675378][ T40] drm_fbdev_generic_client_hotplug+0x1a6/0x280
[ 286.675403][ T40] ? __pfx_drm_fbdev_generic_client_hotplug+0x10/0x10
[ 286.675428][ T40] drm_client_register+0x195/0x280
[ 286.675448][ T40] drm_fbdev_generic_setup+0x184/0x340
[ 286.675467][ T40] virtio_gpu_probe+0x29d/0x4e0
[ 286.675489][ T40] virtio_dev_probe+0x5ff/0x9b0
[ 286.675507][ T40] ? __pfx_virtio_dev_probe+0x10/0x10
[ 286.675521][ T40] really_probe+0x23e/0xa90
[ 286.675537][ T40] __driver_probe_device+0x1de/0x440
[ 286.675550][ T40] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 286.675562][ T40] driver_probe_device+0x4c/0x1b0
[ 286.675576][ T40] __driver_attach+0x283/0x580
[ 286.675589][ T40] ? __pfx___driver_attach+0x10/0x10
[ 286.675602][ T40] bus_for_each_dev+0x13c/0x1d0
[ 286.675614][ T40] ? __pfx_bus_for_each_dev+0x10/0x10
[ 286.675625][ T40] bus_add_driver+0x2e9/0x690
[ 286.675638][ T40] driver_register+0x15c/0x4b0
[ 286.675652][ T40] ? __register_virtio_driver+0x56/0x100
[ 286.675665][ T40] ? __pfx_virtio_gpu_driver_init+0x10/0x10
[ 286.675679][ T40] do_one_initcall+0x128/0x700
[ 286.675695][ T40] ? __pfx_do_one_initcall+0x10/0x10
[ 286.675718][ T40] ? trace_kmalloc+0x2d/0xe0
[ 286.675740][ T40] ? __kmalloc_noprof+0x20b/0x410
[ 286.675758][ T40] kernel_init_freeable+0x69d/0xca0
[ 286.675785][ T40] ? __pfx_kernel_init+0x10/0x10
[ 286.675811][ T40] kernel_init+0x1c/0x2b0
[ 286.675837][ T40] ? __pfx_kernel_init+0x10/0x10
[ 286.675861][ T40] ret_from_fork+0x45/0x80
[ 286.675881][ T40] ? __pfx_kernel_init+0x10/0x10
[ 286.675896][ T40] ret_from_fork_asm+0x1a/0x30
[ 286.675915][ T40] </TASK>
[ 286.675922][ T40] INFO: task kworker/0:1:10 blocked for more than 143 seconds.
[ 286.675929][ T40] Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[ 286.675936][ T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.675940][ T40] task:kworker/0:1 state:D stack:26416 pid:10 tgid:10 ppid:2 flags:0x00004000
[ 286.675960][ T40] Workqueue: events virtio_gpu_dequeue_ctrl_func
[ 286.675976][ T40] Call Trace:
[ 286.675980][ T40] <TASK>
[ 286.675985][ T40] __schedule+0xf15/0x5d00
[ 286.675996][ T40] ? __pfx_mark_lock+0x10/0x10
[ 286.676011][ T40] ? __pfx___schedule+0x10/0x10
[ 286.676022][ T40] ? schedule+0x298/0x350
[ 286.676032][ T40] ? __pfx_lock_release+0x10/0x10
[ 286.676047][ T40] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.676057][ T40] ? lockdep_hardirqs_on+0x7c/0x110
[ 286.676070][ T40] schedule+0xe7/0x350
[ 286.676081][ T40] schedule_preempt_disabled+0x13/0x30
[ 286.676093][ T40] __mutex_lock+0x5b8/0x9c0
[ 286.676105][ T40] ? call_usermodehelper_setup+0x252/0x340
[ 286.676117][ T40] ? kobject_uevent_env+0x2db/0x1810
[ 286.676131][ T40] ? drm_client_dev_hotplug+0x169/0x3c0
[ 286.676143][ T40] ? __pfx___mutex_lock+0x10/0x10
[ 286.676156][ T40] ? preempt_schedule_thunk+0x1a/0x30
[ 286.676167][ T40] ? drm_client_dev_hotplug+0x169/0x3c0
[ 286.676179][ T40] drm_client_dev_hotplug+0x169/0x3c0
[ 286.676192][ T40] ? _raw_spin_unlock_irqrestore+0x61/0x80
[ 286.676204][ T40] virtio_gpu_cmd_get_display_info_cb+0x3e1/0x550
[ 286.676219][ T40] ? __pfx_virtio_gpu_cmd_get_display_info_cb+0x10/0x10
[ 286.676234][ T40] virtio_gpu_dequeue_ctrl_func+0x209/0x7d0
[ 286.676250][ T40] ? __pfx_virtio_gpu_dequeue_ctrl_func+0x10/0x10
[ 286.676266][ T40] process_one_work+0x9c5/0x1b40
[ 286.676278][ T40] ? __pfx_lock_acquire+0x10/0x10
[ 286.676292][ T40] ? __pfx_process_one_work+0x10/0x10
[ 286.676303][ T40] ? assign_work+0x1a0/0x250
[ 286.676318][ T40] worker_thread+0x6c8/0xf30
[ 286.676329][ T40] ? __kthread_parkme+0x148/0x220
[ 286.676342][ T40] ? __pfx_worker_thread+0x10/0x10
[ 286.676352][ T40] kthread+0x2c1/0x3a0
[ 286.676364][ T40] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.676374][ T40] ? __pfx_kthread+0x10/0x10
[ 286.676386][ T40] ret_from_fork+0x45/0x80
[ 286.676400][ T40] ? __pfx_kthread+0x10/0x10
[ 286.676412][ T40] ret_from_fork_asm+0x1a/0x30
[ 286.676427][ T40] </TASK>
[ 286.676445][ T40] INFO: task kworker/0:2:823 blocked for more than 143 seconds.
[ 286.676451][ T40] Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[ 286.676457][ T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.676461][ T40] task:kworker/0:2 state:D stack:26976 pid:823 tgid:823 ppid:2 flags:0x00004000
[ 286.676480][ T40] Workqueue: events drm_fb_helper_damage_work
[ 286.676519][ T40] Call Trace:
[ 286.676526][ T40] <TASK>
[ 286.676533][ T40] __schedule+0xf15/0x5d00
[ 286.676564][ T40] ? __pfx___schedule+0x10/0x10
[ 286.676598][ T40] ? __pfx___schedule+0x10/0x10
[ 286.676629][ T40] ? schedule+0x298/0x350
[ 286.676647][ T40] ? __pfx_lock_release+0x10/0x10
[ 286.676673][ T40] schedule+0xe7/0x350
[ 286.676691][ T40] virtio_gpu_queue_fenced_ctrl_buffer+0x497/0xff0
[ 286.676717][ T40] ? __pfx_virtio_gpu_queue_fenced_ctrl_buffer+0x10/0x10
[ 286.676734][ T40] ? trace_kmem_cache_alloc+0x2d/0xe0
[ 286.676748][ T40] ? kmem_cache_alloc_noprof+0x174/0x2f0
[ 286.676763][ T40] ? __pfx_autoremove_wake_function+0x10/0x10
[ 286.676779][ T40] ? __asan_memset+0x23/0x50
[ 286.676792][ T40] ? virtio_gpu_cmd_resource_flush+0x85/0x220
[ 286.676807][ T40] virtio_gpu_primary_plane_update+0x105d/0x1590
[ 286.676821][ T40] ? __pfx_virtio_gpu_primary_plane_update+0x10/0x10
[ 286.676837][ T40] ? drm_crtc_next_vblank_start+0x25d/0x300
[ 286.676862][ T40] drm_atomic_helper_commit_planes+0x93a/0x1000
[ 286.676893][ T40] drm_atomic_helper_commit_tail+0x69/0xf0
[ 286.676917][ T40] commit_tail+0x356/0x410
[ 286.676936][ T40] drm_atomic_helper_commit+0x2fd/0x380
[ 286.676957][ T40] ? __pfx_drm_atomic_helper_commit+0x10/0x10
[ 286.676977][ T40] drm_atomic_commit+0x227/0x300
[ 286.677000][ T40] ? __pfx_drm_atomic_commit+0x10/0x10
[ 286.677021][ T40] ? __pfx___drm_printfn_info+0x10/0x10
[ 286.677037][ T40] ? modeset_lock+0x10e/0x6c0
[ 286.677049][ T40] drm_atomic_helper_dirtyfb+0x615/0x7b0
[ 286.677063][ T40] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[ 286.677079][ T40] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10
[ 286.677093][ T40] drm_fbdev_generic_helper_fb_dirty+0x7ad/0xbd0
[ 286.677105][ T40] ? __pfx_drm_fbdev_generic_helper_fb_dirty+0x10/0x10
[ 286.677116][ T40] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 286.677128][ T40] drm_fb_helper_damage_work+0x285/0x5e0
[ 286.677139][ T40] ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[ 286.677151][ T40] process_one_work+0x9c5/0x1b40
[ 286.677162][ T40] ? __pfx_drm_fb_helper_damage_work+0x10/0x10
[ 286.677173][ T40] ? __pfx_process_one_work+0x10/0x10
[ 286.677184][ T40] ? assign_work+0x1a0/0x250
[ 286.677199][ T40] worker_thread+0x6c8/0xf30
[ 286.677210][ T40] ? __kthread_parkme+0x148/0x220
[ 286.677222][ T40] ? __pfx_worker_thread+0x10/0x10
[ 286.677232][ T40] kthread+0x2c1/0x3a0
[ 286.677244][ T40] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.677255][ T40] ? __pfx_kthread+0x10/0x10
[ 286.677267][ T40] ret_from_fork+0x45/0x80
[ 286.677280][ T40] ? __pfx_kthread+0x10/0x10
[ 286.677292][ T40] ret_from_fork_asm+0x1a/0x30
[ 286.677309][ T40] </TASK>
[ 286.677313][ T40]
[ 286.677313][ T40] Showing all locks held in the system:
[ 286.677318][ T40] 9 locks held by swapper/0/1:
[ 286.677325][ T40] #0: ffff88801d9cf170 (&dev->mutex){....}-{3:3}, at: __driver_attach+0x278/0x580
[ 286.677356][ T40] #1: ffff88801fd0c2f8 (&dev->clientlist_mutex){+.+.}-{3:3}, at: drm_client_register+0x54/0x280
[ 286.677384][ T40] #2: ffffffff8e6e2bc8 (registration_lock){+.+.}-{3:3}, at: register_framebuffer+0x7a/0x840
[ 286.677413][ T40] #3: ffffffff8db9f2e0 (console_lock){+.+.}-{0:0}, at: fbcon_fb_registered+0x3c/0x6a0
[ 286.677440][ T40] #4: ffff88801f9e7280 (&helper->lock){+.+.}-{3:3}, at: drm_fb_helper_pan_display+0xd5/0x990
[ 286.677465][ T40] #5: ffff88801fd0c1b0 (&dev->master_mutex){+.+.}-{3:3}, at: drm_master_internal_acquire+0x21/0x80
[ 286.677496][ T40] #6: ffff88801f9e7098 (&client->modeset_mutex){+.+.}-{3:3}, at: drm_client_modeset_commit_locked+0x4c/0x580
[ 286.677525][ T40] #7: ffffc90000047318 (crtc_ww_class_acquire){+.+.}-{0:0}, at: drm_client_modeset_commit_atomic+0xd0/0x810
[ 286.677553][ T40] #8: ffff88801fa860b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: modeset_lock+0x488/0x6c0
[ 286.677581][ T40] 3 locks held by kworker/0:1/10:
[ 286.677588][ T40] #0: ffff888015488948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40
[ 286.677613][ T40] #1: ffffc900000d7d80 ((work_completion)(&vgvq->dequeue_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40
[ 286.677647][ T40] #2: ffff88801fd0c2f8 (&dev->clientlist_mutex){+.+.}-{3:3}, at: drm_client_dev_hotplug+0x169/0x3c0
[ 286.677692][ T40] 1 lock held by khungtaskd/40:
[ 286.677701][ T40] #0: ffffffff8dbb1620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340
[ 286.677745][ T40] 2 locks held by kworker/u32:3/63:
[ 286.677751][ T40] #0: ffff888015491148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40
[ 286.677777][ T40] #1: ffffc90000af7d80 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40
[ 286.677806][ T40] 5 locks held by kworker/0:2/823:
[ 286.677812][ T40] #0: ffff888015488948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40
[ 286.677837][ T40] #1: ffffc90005647d80 ((work_completion)(&helper->damage_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40
[ 286.677872][ T40] #2: ffffc90005647a10 (crtc_ww_class_acquire){+.+.}-{0:0}, at: drm_atomic_helper_dirtyfb+0xb5/0x7b0
[ 286.677917][ T40] #3: ffff88801fa860b0 (crtc_ww_class_mutex){+.+.}-{3:3}, at: modeset_lock+0x488/0x6c0
[ 286.677945][ T40] #4: ffffffff8e81db10 (drm_unplug_srcu){.+.+}-{0:0}, at: drm_dev_enter+0x49/0x160
[ 286.677993][ T40]
[ 286.677998][ T40] =============================================
[ 286.677998][ T40]
[ 286.678007][ T40] Kernel panic - not syncing: hung_task: blocked tasks
[ 286.678015][ T40] CPU: 1 PID: 40 Comm: khungtaskd Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[ 286.678032][ T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 286.678042][ T40] Call Trace:
[ 286.678050][ T40] <TASK>
[ 286.678056][ T40] dump_stack_lvl+0x3d/0x1f0
[ 286.678076][ T40] panic+0x6f5/0x7a0
[ 286.678100][ T40] ? __pfx_panic+0x10/0x10
[ 286.678125][ T40] ? watchdog+0xd3d/0x1240
[ 286.678141][ T40] ? watchdog+0xd30/0x1240
[ 286.678157][ T40] watchdog+0xd4e/0x1240
[ 286.678174][ T40] ? __pfx_watchdog+0x10/0x10
[ 286.678184][ T40] ? lockdep_hardirqs_on+0x7c/0x110
[ 286.678196][ T40] ? __kthread_parkme+0x148/0x220
[ 286.678208][ T40] ? __pfx_watchdog+0x10/0x10
[ 286.678218][ T40] kthread+0x2c1/0x3a0
[ 286.678229][ T40] ? _raw_spin_unlock_irq+0x23/0x50
[ 286.678239][ T40] ? __pfx_kthread+0x10/0x10
[ 286.678250][ T40] ret_from_fork+0x45/0x80
[ 286.678264][ T40] ? __pfx_kthread+0x10/0x10
[ 286.678275][ T40] ret_from_fork_asm+0x1a/0x30
[ 286.678290][ T40] </TASK>
[ 286.678891][ T40] Kernel Offset: disabled
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, 0x0, 0x0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
program did not crash
testing program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
program did not crash
extracting C reproducer
testing compiled C program (duration=2m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
program did not crash
simplifying guilty program options
testing program (duration=2m30s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program crashed: KASAN: slab-use-after-free Read in __hci_req_sync
extracting C reproducer
testing compiled C program (duration=2m30s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
program did not crash
testing program (duration=2m30s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$nl_generic-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$netlbl_mgmt-sendmsg$NLBL_MGMT_C_REMOVEDEF
detailed listing:
executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x34}}, 0x0)
program did not crash
reproducing took 30m10.617534921s
repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: slab-use-after-free in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: slab-use-after-free in atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
BUG: KASAN: slab-use-after-free in refcount_read include/linux/refcount.h:136 [inline]
BUG: KASAN: slab-use-after-free in skb_unref include/linux/skbuff.h:1222 [inline]
BUG: KASAN: slab-use-after-free in __kfree_skb_reason net/core/skbuff.c:1195 [inline]
BUG: KASAN: slab-use-after-free in kfree_skb_reason+0x36/0x210 net/core/skbuff.c:1222
Read of size 4 at addr ffff88801f12c364 by task syz-executor/6487
CPU: 1 PID: 6487 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114
print_address_description mm/kasan/report.c:377 [inline]
print_report+0xc3/0x620 mm/kasan/report.c:488
kasan_report+0xd9/0x110 mm/kasan/report.c:601
check_region_inline mm/kasan/generic.c:183 [inline]
kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
instrument_atomic_read include/linux/instrumented.h:68 [inline]
atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
refcount_read include/linux/refcount.h:136 [inline]
skb_unref include/linux/skbuff.h:1222 [inline]
__kfree_skb_reason net/core/skbuff.c:1195 [inline]
kfree_skb_reason+0x36/0x210 net/core/skbuff.c:1222
kfree_skb include/linux/skbuff.h:1257 [inline]
__hci_req_sync+0x61d/0x980 net/bluetooth/hci_request.c:184
hci_req_sync+0x97/0xd0 net/bluetooth/hci_request.c:206
hci_dev_cmd+0x634/0x960 net/bluetooth/hci_core.c:787
hci_sock_ioctl+0x4f3/0x880 net/bluetooth/hci_sock.c:1150
sock_do_ioctl+0x116/0x280 net/socket.c:1222
sock_ioctl+0x22e/0x6c0 net/socket.c:1341
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl fs/ioctl.c:893 [inline]
__x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8509b757db
Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
RSP: 002b:00007fffd8c74ed0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8509b757db
RDX: 00007fffd8c74f48 RSI: 00000000400448dd RDI: 0000000000000003
RBP: 000055558349d4a8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
R13: 0000000000000002 R14: 0000000000000009 R15: 0000000000000009
</TASK>
Allocated by task 64:
kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
kasan_save_track+0x14/0x30 mm/kasan/common.c:68
unpoison_slab_object mm/kasan/common.c:312 [inline]
__kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:338
kasan_slab_alloc include/linux/kasan.h:201 [inline]
slab_post_alloc_hook mm/slub.c:3940 [inline]
slab_alloc_node mm/slub.c:4002 [inline]
kmem_cache_alloc_noprof+0x121/0x2f0 mm/slub.c:4009
skb_clone+0x190/0x3f0 net/core/skbuff.c:2052
hci_send_cmd_sync net/bluetooth/hci_core.c:4123 [inline]
hci_cmd_work+0x66a/0x710 net/bluetooth/hci_core.c:4143
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3248
process_scheduled_works kernel/workqueue.c:3329 [inline]
worker_thread+0x6c8/0xf30 kernel/workqueue.c:3409
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Freed by task 64:
kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
kasan_save_track+0x14/0x30 mm/kasan/common.c:68
kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579
poison_slab_object+0xf7/0x160 mm/kasan/common.c:240
__kasan_slab_free+0x32/0x50 mm/kasan/common.c:256
kasan_slab_free include/linux/kasan.h:184 [inline]
slab_free_hook mm/slub.c:2196 [inline]
slab_free mm/slub.c:4438 [inline]
kmem_cache_free+0x12f/0x3a0 mm/slub.c:4513
kfree_skbmem+0x10e/0x200 net/core/skbuff.c:1131
__kfree_skb net/core/skbuff.c:1188 [inline]
kfree_skb_reason+0x138/0x210 net/core/skbuff.c:1223
kfree_skb include/linux/skbuff.h:1257 [inline]
hci_req_sync_complete+0x16c/0x270 net/bluetooth/hci_request.c:109
hci_event_packet+0x963/0x1170 net/bluetooth/hci_event.c:7479
hci_rx_work+0x2c4/0x1610 net/bluetooth/hci_core.c:4074
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3248
process_scheduled_works kernel/workqueue.c:3329 [inline]
worker_thread+0x6c8/0xf30 kernel/workqueue.c:3409
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
The buggy address belongs to the object at ffff88801f12c280
which belongs to the cache skbuff_head_cache of size 240
The buggy address is located 228 bytes inside of
freed 240-byte region [ffff88801f12c280, ffff88801f12c370)
The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f12c
head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
page_type: 0xffffefff(slab)
raw: 00fff00000000040 ffff888019298780 ffffea0000a7c680 dead000000000003
raw: 0000000000000000 0000000000190019 00000001ffffefff 0000000000000000
head: 00fff00000000040 ffff888019298780 ffffea0000a7c680 dead000000000003
head: 0000000000000000 0000000000190019 00000001ffffefff 0000000000000000
head: 00fff00000000001 ffffea00007c4b01 ffffffffffffffff 0000000000000000
head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6170, tgid 6170 (syz-executor), ts 319322108245, free_ts 319303442348
set_page_owner include/linux/page_owner.h:32 [inline]
post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1473
prep_new_page mm/page_alloc.c:1481 [inline]
get_page_from_freelist+0x1353/0x2e50 mm/page_alloc.c:3425
__alloc_pages_noprof+0x22b/0x2460 mm/page_alloc.c:4683
__alloc_pages_node_noprof include/linux/gfp.h:269 [inline]
alloc_pages_node_noprof include/linux/gfp.h:296 [inline]
alloc_slab_page+0x56/0x110 mm/slub.c:2265
allocate_slab mm/slub.c:2428 [inline]
new_slab+0x84/0x260 mm/slub.c:2481
___slab_alloc+0xdac/0x1870 mm/slub.c:3667
__slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3757
__slab_alloc_node mm/slub.c:3810 [inline]
slab_alloc_node mm/slub.c:3990 [inline]
kmem_cache_alloc_node_noprof+0xed/0x310 mm/slub.c:4045
__alloc_skb+0x2b1/0x380 net/core/skbuff.c:656
alloc_skb include/linux/skbuff.h:1308 [inline]
nlmsg_new include/net/netlink.h:1015 [inline]
inet_netconf_notify_devconf+0x8b/0x1f0 net/ipv4/devinet.c:2133
__devinet_sysctl_register+0x223/0x360 net/ipv4/devinet.c:2608
devinet_sysctl_register net/ipv4/devinet.c:2642 [inline]
devinet_sysctl_register+0x17b/0x200 net/ipv4/devinet.c:2632
inetdev_init+0x28b/0x580 net/ipv4/devinet.c:291
inetdev_event+0xd23/0x19b0 net/ipv4/devinet.c:1565
notifier_call_chain+0xb9/0x410 kernel/notifier.c:93
call_netdevice_notifiers_info+0xbe/0x140 net/core/dev.c:1992
page last free pid 6170 tgid 6170 stack trace:
reset_page_owner include/linux/page_owner.h:25 [inline]
free_pages_prepare mm/page_alloc.c:1093 [inline]
free_unref_page+0x64a/0xe40 mm/page_alloc.c:2588
mm_free_pgd kernel/fork.c:804 [inline]
__mmdrop+0xd5/0x470 kernel/fork.c:920
mmdrop include/linux/sched/mm.h:55 [inline]
mmdrop_sched include/linux/sched/mm.h:83 [inline]
mmdrop_lazy_tlb_sched include/linux/sched/mm.h:110 [inline]
finish_task_switch.isra.0+0x7af/0xcc0 kernel/sched/core.c:5307
context_switch kernel/sched/core.c:5411 [inline]
__schedule+0xf1d/0x5d00 kernel/sched/core.c:6745
__schedule_loop kernel/sched/core.c:6822 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6837
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6894
rwsem_down_write_slowpath kernel/locking/rwsem.c:1178 [inline]
__down_write_common+0x950/0x13f0 kernel/locking/rwsem.c:1306
kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
__kernfs_create_file+0x295/0x350 fs/kernfs/file.c:1063
sysfs_add_file_mode_ns+0x1ff/0x3b0 fs/sysfs/file.c:307
create_files fs/sysfs/group.c:76 [inline]
internal_create_group+0x565/0xe50 fs/sysfs/group.c:180
internal_create_groups+0x9d/0x150 fs/sysfs/group.c:220
device_add_groups drivers/base/core.c:2826 [inline]
device_add_attrs drivers/base/core.c:2901 [inline]
device_add+0xf33/0x1a70 drivers/base/core.c:3633
netdev_register_kobject+0x187/0x3f0 net/core/net-sysfs.c:2136
register_netdevice+0x12ce/0x1cb0 net/core/dev.c:10375
lapbeth_new_device drivers/net/wan/lapbether.c:418 [inline]
lapbeth_device_event+0x5b0/0xd40 drivers/net/wan/lapbether.c:460
Memory state around the buggy address:
ffff88801f12c200: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
ffff88801f12c280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff88801f12c300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
^
ffff88801f12c380: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
ffff88801f12c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
final repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: slab-use-after-free in instrument_atomic_read include/linux/instrumented.h:68 [inline]
BUG: KASAN: slab-use-after-free in atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
BUG: KASAN: slab-use-after-free in refcount_read include/linux/refcount.h:136 [inline]
BUG: KASAN: slab-use-after-free in skb_unref include/linux/skbuff.h:1222 [inline]
BUG: KASAN: slab-use-after-free in __kfree_skb_reason net/core/skbuff.c:1195 [inline]
BUG: KASAN: slab-use-after-free in kfree_skb_reason+0x36/0x210 net/core/skbuff.c:1222
Read of size 4 at addr ffff88801f12c364 by task syz-executor/6487
CPU: 1 PID: 6487 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114
print_address_description mm/kasan/report.c:377 [inline]
print_report+0xc3/0x620 mm/kasan/report.c:488
kasan_report+0xd9/0x110 mm/kasan/report.c:601
check_region_inline mm/kasan/generic.c:183 [inline]
kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
instrument_atomic_read include/linux/instrumented.h:68 [inline]
atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
refcount_read include/linux/refcount.h:136 [inline]
skb_unref include/linux/skbuff.h:1222 [inline]
__kfree_skb_reason net/core/skbuff.c:1195 [inline]
kfree_skb_reason+0x36/0x210 net/core/skbuff.c:1222
kfree_skb include/linux/skbuff.h:1257 [inline]
__hci_req_sync+0x61d/0x980 net/bluetooth/hci_request.c:184
hci_req_sync+0x97/0xd0 net/bluetooth/hci_request.c:206
hci_dev_cmd+0x634/0x960 net/bluetooth/hci_core.c:787
hci_sock_ioctl+0x4f3/0x880 net/bluetooth/hci_sock.c:1150
sock_do_ioctl+0x116/0x280 net/socket.c:1222
sock_ioctl+0x22e/0x6c0 net/socket.c:1341
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl fs/ioctl.c:893 [inline]
__x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f8509b757db
Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
RSP: 002b:00007fffd8c74ed0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8509b757db
RDX: 00007fffd8c74f48 RSI: 00000000400448dd RDI: 0000000000000003
RBP: 000055558349d4a8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
R13: 0000000000000002 R14: 0000000000000009 R15: 0000000000000009
</TASK>
Allocated by task 64:
kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
kasan_save_track+0x14/0x30 mm/kasan/common.c:68
unpoison_slab_object mm/kasan/common.c:312 [inline]
__kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:338
kasan_slab_alloc include/linux/kasan.h:201 [inline]
slab_post_alloc_hook mm/slub.c:3940 [inline]
slab_alloc_node mm/slub.c:4002 [inline]
kmem_cache_alloc_noprof+0x121/0x2f0 mm/slub.c:4009
skb_clone+0x190/0x3f0 net/core/skbuff.c:2052
hci_send_cmd_sync net/bluetooth/hci_core.c:4123 [inline]
hci_cmd_work+0x66a/0x710 net/bluetooth/hci_core.c:4143
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3248
process_scheduled_works kernel/workqueue.c:3329 [inline]
worker_thread+0x6c8/0xf30 kernel/workqueue.c:3409
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Freed by task 64:
kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
kasan_save_track+0x14/0x30 mm/kasan/common.c:68
kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579
poison_slab_object+0xf7/0x160 mm/kasan/common.c:240
__kasan_slab_free+0x32/0x50 mm/kasan/common.c:256
kasan_slab_free include/linux/kasan.h:184 [inline]
slab_free_hook mm/slub.c:2196 [inline]
slab_free mm/slub.c:4438 [inline]
kmem_cache_free+0x12f/0x3a0 mm/slub.c:4513
kfree_skbmem+0x10e/0x200 net/core/skbuff.c:1131
__kfree_skb net/core/skbuff.c:1188 [inline]
kfree_skb_reason+0x138/0x210 net/core/skbuff.c:1223
kfree_skb include/linux/skbuff.h:1257 [inline]
hci_req_sync_complete+0x16c/0x270 net/bluetooth/hci_request.c:109
hci_event_packet+0x963/0x1170 net/bluetooth/hci_event.c:7479
hci_rx_work+0x2c4/0x1610 net/bluetooth/hci_core.c:4074
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3248
process_scheduled_works kernel/workqueue.c:3329 [inline]
worker_thread+0x6c8/0xf30 kernel/workqueue.c:3409
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
The buggy address belongs to the object at ffff88801f12c280
which belongs to the cache skbuff_head_cache of size 240
The buggy address is located 228 bytes inside of
freed 240-byte region [ffff88801f12c280, ffff88801f12c370)
The buggy address belongs to the physical page:
page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1f12c
head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
page_type: 0xffffefff(slab)
raw: 00fff00000000040 ffff888019298780 ffffea0000a7c680 dead000000000003
raw: 0000000000000000 0000000000190019 00000001ffffefff 0000000000000000
head: 00fff00000000040 ffff888019298780 ffffea0000a7c680 dead000000000003
head: 0000000000000000 0000000000190019 00000001ffffefff 0000000000000000
head: 00fff00000000001 ffffea00007c4b01 ffffffffffffffff 0000000000000000
head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 6170, tgid 6170 (syz-executor), ts 319322108245, free_ts 319303442348
set_page_owner include/linux/page_owner.h:32 [inline]
post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1473
prep_new_page mm/page_alloc.c:1481 [inline]
get_page_from_freelist+0x1353/0x2e50 mm/page_alloc.c:3425
__alloc_pages_noprof+0x22b/0x2460 mm/page_alloc.c:4683
__alloc_pages_node_noprof include/linux/gfp.h:269 [inline]
alloc_pages_node_noprof include/linux/gfp.h:296 [inline]
alloc_slab_page+0x56/0x110 mm/slub.c:2265
allocate_slab mm/slub.c:2428 [inline]
new_slab+0x84/0x260 mm/slub.c:2481
___slab_alloc+0xdac/0x1870 mm/slub.c:3667
__slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3757
__slab_alloc_node mm/slub.c:3810 [inline]
slab_alloc_node mm/slub.c:3990 [inline]
kmem_cache_alloc_node_noprof+0xed/0x310 mm/slub.c:4045
__alloc_skb+0x2b1/0x380 net/core/skbuff.c:656
alloc_skb include/linux/skbuff.h:1308 [inline]
nlmsg_new include/net/netlink.h:1015 [inline]
inet_netconf_notify_devconf+0x8b/0x1f0 net/ipv4/devinet.c:2133
__devinet_sysctl_register+0x223/0x360 net/ipv4/devinet.c:2608
devinet_sysctl_register net/ipv4/devinet.c:2642 [inline]
devinet_sysctl_register+0x17b/0x200 net/ipv4/devinet.c:2632
inetdev_init+0x28b/0x580 net/ipv4/devinet.c:291
inetdev_event+0xd23/0x19b0 net/ipv4/devinet.c:1565
notifier_call_chain+0xb9/0x410 kernel/notifier.c:93
call_netdevice_notifiers_info+0xbe/0x140 net/core/dev.c:1992
page last free pid 6170 tgid 6170 stack trace:
reset_page_owner include/linux/page_owner.h:25 [inline]
free_pages_prepare mm/page_alloc.c:1093 [inline]
free_unref_page+0x64a/0xe40 mm/page_alloc.c:2588
mm_free_pgd kernel/fork.c:804 [inline]
__mmdrop+0xd5/0x470 kernel/fork.c:920
mmdrop include/linux/sched/mm.h:55 [inline]
mmdrop_sched include/linux/sched/mm.h:83 [inline]
mmdrop_lazy_tlb_sched include/linux/sched/mm.h:110 [inline]
finish_task_switch.isra.0+0x7af/0xcc0 kernel/sched/core.c:5307
context_switch kernel/sched/core.c:5411 [inline]
__schedule+0xf1d/0x5d00 kernel/sched/core.c:6745
__schedule_loop kernel/sched/core.c:6822 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6837
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6894
rwsem_down_write_slowpath kernel/locking/rwsem.c:1178 [inline]
__down_write_common+0x950/0x13f0 kernel/locking/rwsem.c:1306
kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
__kernfs_create_file+0x295/0x350 fs/kernfs/file.c:1063
sysfs_add_file_mode_ns+0x1ff/0x3b0 fs/sysfs/file.c:307
create_files fs/sysfs/group.c:76 [inline]
internal_create_group+0x565/0xe50 fs/sysfs/group.c:180
internal_create_groups+0x9d/0x150 fs/sysfs/group.c:220
device_add_groups drivers/base/core.c:2826 [inline]
device_add_attrs drivers/base/core.c:2901 [inline]
device_add+0xf33/0x1a70 drivers/base/core.c:3633
netdev_register_kobject+0x187/0x3f0 net/core/net-sysfs.c:2136
register_netdevice+0x12ce/0x1cb0 net/core/dev.c:10375
lapbeth_new_device drivers/net/wan/lapbether.c:418 [inline]
lapbeth_device_event+0x5b0/0xd40 drivers/net/wan/lapbether.c:460
Memory state around the buggy address:
ffff88801f12c200: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
ffff88801f12c280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff88801f12c300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
^
ffff88801f12c380: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
ffff88801f12c400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================