last executing test programs: kernel console output (not intermixed with test programs): [ 68.168277][ T5627] sshd-session (5627) used greatest stack depth: 19512 bytes left Warning: Permanently added '[localhost]:49454' (ED25519) to the list of known hosts. [ 72.668768][ T5646] cgroup: Unknown subsys name 'net' [ 72.828271][ T5646] cgroup: Unknown subsys name 'cpuset' [ 72.836873][ T5646] cgroup: Unknown subsys name 'rlimit' [ 72.839631][ T5665] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:323 [ 72.842926][ T5665] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5665, name: dhcpcd-run-hook [ 72.846921][ T5665] preempt_count: 0, expected: 0 [ 72.848592][ T5665] RCU nest depth: 1, expected: 0 [ 72.850234][ T5665] 2 locks held by dhcpcd-run-hook/5665: [ 72.852285][ T5665] #0: ffff8880243d01c8 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x590 [ 72.855703][ T5665] #1: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x2f/0x310 [ 72.858849][ T5665] CPU: 0 UID: 0 PID: 5665 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full) [ 72.858863][ T5665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 72.858869][ T5665] Call Trace: [ 72.858874][ T5665] [ 72.858879][ T5665] dump_stack_lvl+0x100/0x190 [ 72.858894][ T5665] __might_resched.cold+0x1ec/0x232 [ 72.858909][ T5665] ? __pfx___might_resched+0x10/0x10 [ 72.858921][ T5665] ? prepare_alloc_pages+0x16d/0x5f0 [ 72.858937][ T5665] prepare_alloc_pages+0x44a/0x5f0 [ 72.858950][ T5665] ? __lock_acquire+0x4a5/0x2630 [ 72.858962][ T5665] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 72.858987][ T5665] ? find_held_lock+0x2b/0x80 [ 72.859001][ T5665] ? __bfs+0x150/0x2a0 [ 72.859015][ T5665] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 72.859035][ T5665] ? check_irq_usage+0xe5/0x810 [ 72.859052][ T5665] ? lru_gen_add_folio+0x20f/0x13d0 [ 72.859063][ T5665] ? __bfs+0x150/0x2a0 [ 72.859080][ T5665] ? check_noncircular+0x97/0x160 [ 72.859097][ T5665] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.859114][ T5665] ? policy_nodemask+0xed/0x4f0 [ 72.859128][ T5665] alloc_pages_mpol+0x1fb/0x540 [ 72.859142][ T5665] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 72.859158][ T5665] folio_alloc_mpol_noprof+0x36/0x260 [ 72.859174][ T5665] vma_alloc_folio_noprof+0xed/0x1d0 [ 72.859188][ T5665] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 72.859203][ T5665] ? rcu_read_unlock+0x2d/0xb0 [ 72.859219][ T5665] ? rcu_read_unlock+0x2d/0xb0 [ 72.859239][ T5665] do_wp_page+0x1ee1/0x4350 [ 72.859256][ T5665] ? __pfx_do_wp_page+0x10/0x10 [ 72.859271][ T5665] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 72.859287][ T5665] __handle_mm_fault+0x1ab6/0x2a00 [ 72.859306][ T5665] ? reacquire_held_locks+0xce/0x1e0 [ 72.859317][ T5665] ? __pfx___handle_mm_fault+0x10/0x10 [ 72.859335][ T5665] ? lock_vma_under_rcu+0x17c/0x590 [ 72.859359][ T5665] handle_mm_fault+0x36d/0xa20 [ 72.859377][ T5665] do_user_addr_fault+0x5a3/0x12f0 [ 72.859395][ T5665] exc_page_fault+0x6f/0xd0 [ 72.859409][ T5665] asm_exc_page_fault+0x26/0x30 [ 72.859420][ T5665] RIP: 0033:0x7f5a6f60980e [ 72.859430][ T5665] Code: df e8 d7 c4 ff ff 48 8d 3d 9c 92 05 00 31 c0 e8 e1 ca ff ff 95 75 24 48 8d 05 5e 9c 07 00 44 89 f2 4c 89 e6 48 89 df 48 8b 00 <83> a0 f8 02 00 00 00 e8 de eb ff ff e9 a8 00 00 00 48 85 db 0f 84 [ 72.859440][ T5665] RSP: 002b:00007ffc0b5c63f0 EFLAGS: 00010246 [ 72.859449][ T5665] RAX: 000055c4ea134910 RBX: 000055c4ea135c60 RCX: 0000000000000000 [ 72.859455][ T5665] RDX: 0000000000000000 RSI: 000055c4ea138c30 RDI: 000055c4ea135c60 [ 72.859504][ T5665] RBP: 0000000000000000 R08: 00007f5a6f5b4b60 R09: 0000000000000000 [ 72.859510][ T5665] R10: 0000000000000008 R11: 0000000000000246 R12: 000055c4ea138c30 [ 72.859516][ T5665] R13: 000055c4ea135c60 R14: 0000000000000000 R15: 0000000000000000 [ 72.859529][ T5665] [ 72.859702][ T5665] [ 72.955565][ T5665] ================================================ [ 72.957730][ T5665] WARNING: lock held when returning to user space! [ 72.959809][ T5665] syzkaller #0 Tainted: G W [ 72.961776][ T5665] ------------------------------------------------ [ 72.963837][ T5665] dhcpcd-run-hook/5665 is leaving the kernel with locks still held! [ 72.966364][ T5665] 1 lock held by dhcpcd-run-hook/5665: [ 72.968186][ T5665] #0: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x2f/0x310 Setting up swapspace version 1, size = 127995904 bytes [ 73.666378][ T5646] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 75.987025][ T1431] ieee802154 phy0 wpan0: encryption failed: -22 [ 75.989833][ T1431] ieee802154 phy1 wpan1: encryption failed: -22