INFO: task dhcpcd:3835 blocked for more than 157 seconds.
Not tainted 5.15.170-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:dhcpcd state:D stack:23168 pid: 3835 ppid: 1 flags:0x00004202
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5027 [inline]
__schedule+0x12c4/0x45b0 kernel/sched/core.c:6373
schedule+0x11b/0x1f0 kernel/sched/core.c:6456
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6515
__mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
__mutex_lock kernel/locking/mutex.c:729 [inline]
mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
__netlink_dump_start+0x12e/0x6d0 net/netlink/af_netlink.c:2349
netlink_dump_start include/linux/netlink.h:258 [inline]
rtnetlink_rcv_msg+0xbfe/0xee0 net/core/rtnetlink.c:5610
netlink_rcv_skb+0x1cf/0x410 net/netlink/af_netlink.c:2504
netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]
netlink_unicast+0x7b6/0x980 net/netlink/af_netlink.c:1352
netlink_sendmsg+0xa30/0xd60 net/netlink/af_netlink.c:1920
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
____sys_sendmsg+0x59e/0x8f0 net/socket.c:2436
___sys_sendmsg+0x252/0x2e0 net/socket.c:2490
__sys_sendmsg net/socket.c:2519 [inline]
__do_sys_sendmsg net/socket.c:2528 [inline]
__se_sys_sendmsg+0x19a/0x260 net/socket.c:2526
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f7c413d3a4b
RSP: 002b:00007ffdd7fc84d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000055df0890181d RCX: 00007f7c413d3a4b
RDX: 0000000000000000 RSI: 00007ffdd7fc8520 RDI: 000000000000000f
RBP: 00007ffdd7fd0898 R08: 00007ffdd7fcc5c4 R09: 00007ffdd7fcc5c4
R10: 00007ffdd7fd0ae0 R11: 0000000000000246 R12: 000000000000000f
R13: 000055df2786a6d0 R14: 00007ffdd7fd0898 R15: 0000000009001eac
</TASK>
INFO: task kworker/u4:8:5916 blocked for more than 158 seconds.
Not tainted 5.15.170-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u4:8 state:D stack:21016 pid: 5916 ppid: 2 flags:0x00004000
Workqueue: events_unbound linkwatch_event
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5027 [inline]
__schedule+0x12c4/0x45b0 kernel/sched/core.c:6373
schedule+0x11b/0x1f0 kernel/sched/core.c:6456
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6515
__mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
__mutex_lock kernel/locking/mutex.c:729 [inline]
mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
linkwatch_event+0xa/0x50 net/core/link_watch.c:251
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
</TASK>
INFO: task syz-executor:6253 blocked for more than 158 seconds.
Not tainted 5.15.170-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:22272 pid: 6253 ppid: 1 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5027 [inline]
__schedule+0x12c4/0x45b0 kernel/sched/core.c:6373
schedule+0x11b/0x1f0 kernel/sched/core.c:6456
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6515
__mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
__mutex_lock kernel/locking/mutex.c:729 [inline]
mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
register_nexthop_notifier+0x80/0x270 net/ipv4/nexthop.c:3607
ops_init+0x35d/0x610 net/core/net_namespace.c:138
setup_net+0x358/0x9e0 net/core/net_namespace.c:332
copy_net_ns+0x392/0x5d0 net/core/net_namespace.c:476
create_new_namespaces+0x425/0x7a0 kernel/nsproxy.c:110
unshare_nsproxy_namespaces+0x11e/0x170 kernel/nsproxy.c:226
ksys_unshare+0x531/0xa40 kernel/fork.c:3097
__do_sys_unshare kernel/fork.c:3171 [inline]
__se_sys_unshare kernel/fork.c:3169 [inline]
__x64_sys_unshare+0x34/0x40 kernel/fork.c:3169
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f1a540f3f17
RSP: 002b:00007ffcd5143e78 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f1a542a9f40 RCX: 00007f1a540f3f17
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007f1a542aaa38 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
</TASK>
INFO: task syz-executor:6256 blocked for more than 159 seconds.
Not tainted 5.15.170-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:27040 pid: 6256 ppid: 1 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5027 [inline]
__schedule+0x12c4/0x45b0 kernel/sched/core.c:6373
schedule+0x11b/0x1f0 kernel/sched/core.c:6456
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6515
__mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
__mutex_lock kernel/locking/mutex.c:729 [inline]
mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
netlink_rcv_skb+0x1cf/0x410 net/netlink/af_netlink.c:2504
netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]
netlink_unicast+0x7b6/0x980 net/netlink/af_netlink.c:1352
netlink_sendmsg+0xa30/0xd60 net/netlink/af_netlink.c:1920
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x564/0x720 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7fd836ca45ac
RSP: 002b:00007ffdfb5aad10 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007fd837988620 RCX: 00007fd836ca45ac
RDX: 0000000000000028 RSI: 00007fd837988670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffdfb5aad64 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007fd837988670 R15: 0000000000000000
</TASK>
INFO: task syz-executor:6261 blocked for more than 159 seconds.
Not tainted 5.15.170-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:26624 pid: 6261 ppid: 1 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5027 [inline]
__schedule+0x12c4/0x45b0 kernel/sched/core.c:6373
schedule+0x11b/0x1f0 kernel/sched/core.c:6456
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6515
__mutex_lock_common+0xe34/0x25a0 kernel/locking/mutex.c:669
__mutex_lock kernel/locking/mutex.c:729 [inline]
mutex_lock_nested+0x17/0x20 kernel/locking/mutex.c:743
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
netlink_rcv_skb+0x1cf/0x410 net/netlink/af_netlink.c:2504
netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]
netlink_unicast+0x7b6/0x980 net/netlink/af_netlink.c:1352
netlink_sendmsg+0xa30/0xd60 net/netlink/af_netlink.c:1920
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x564/0x720 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f66c3f635ac
RSP: 002b:00007ffc06243780 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f66c4c47620 RCX: 00007f66c3f635ac
RDX: 0000000000000028 RSI: 00007f66c4c47670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffc062437d4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f66c4c47670 R15: 0000000000000000
</TASK>
Showing all locks held in the system:
1 lock held by khungtaskd/27:
#0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
4 locks held by kworker/u5:0/146:
#0: ffff888020dfc938 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc9000171fd20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff888025788078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0xb3/0xb50 net/bluetooth/hci_event.c:3319
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1502 [inline]
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x52f/0xb50 net/bluetooth/hci_event.c:3352
1 lock held by dhcpcd/3835:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: __netlink_dump_start+0x12e/0x6d0 net/netlink/af_netlink.c:2349
2 locks held by getty/3929:
#0: ffff88802c2ee098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 drivers/tty/tty_ldisc.c:252
#1: ffffc900025c62e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0 drivers/tty/n_tty.c:2158
3 locks held by syz-executor/4166:
#0: ffff88807cae0ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 net/bluetooth/hci_core.c:1737
#1: ffff88807cae0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 net/bluetooth/hci_core.c:1782
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:1517 [inline]
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 net/bluetooth/hci_conn.c:1622
4 locks held by kworker/u5:3/4177:
#0: ffff88805a18f138 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90002f77d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff88802ca18078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0xb3/0xb50 net/bluetooth/hci_event.c:3319
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1502 [inline]
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x52f/0xb50 net/bluetooth/hci_event.c:3352
4 locks held by kworker/u5:4/4178:
#0: ffff88807cb59138 ((wq_completion)hci12#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90002f87d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff88805a090078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0xb3/0xb50 net/bluetooth/hci_event.c:3319
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1502 [inline]
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x52f/0xb50 net/bluetooth/hci_event.c:3352
4 locks held by kworker/u5:5/4179:
#0: ffff8880795cb938 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90002f97d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff88805a094078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0xb3/0xb50 net/bluetooth/hci_event.c:3319
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1502 [inline]
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x52f/0xb50 net/bluetooth/hci_event.c:3352
4 locks held by kworker/u5:7/4181:
#0: ffff8880751bc138 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90002fc7d20 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff88802578c078 (&hdev->lock){+.+.}-{3:3}, at: hci_remote_features_evt+0xb3/0xb50 net/bluetooth/hci_event.c:3319
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:1502 [inline]
#3: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_remote_features_evt+0x52f/0xb50 net/bluetooth/hci_event.c:3352
4 locks held by kworker/u5:8/4182:
#0: ffff8880751bb138 ((wq_completion)hci10){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc900033e7d20 ((work_completion)(&hdev->scan_update)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffff888025788ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_req_sync net/bluetooth/hci_request.c:278 [inline]
#2: ffff888025788ff0 (&hdev->req_lock){+.+.}-{3:3}, at: scan_update_work+0x1e/0xa0 net/bluetooth/hci_request.c:2686
#3: ffff888025788078 (&hdev->lock){+.+.}-{3:3}, at: update_scan+0x3b/0x70 net/bluetooth/hci_request.c:2676
3 locks held by kworker/1:6/4212:
#0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90003997d20 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline]
#2: ffffffff8c924228 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x350/0x740 kernel/rcu/tree_exp.h:845
2 locks held by kworker/1:7/4243:
#0: ffff888017072138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc900039f7d20 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
3 locks held by kworker/1:10/4549:
#0: ffff888017071938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc900030d7d20 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x7f/0xb70 net/wireless/reg.c:2436
3 locks held by kworker/1:15/5069:
#0: ffff88802b1d0538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc900035dfd20 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4657
3 locks held by kworker/0:12/5701:
#0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90003587d20 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:74
1 lock held by syz-executor/5836:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:699 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0 drivers/net/tun.c:3440
3 locks held by kworker/u4:8/5916:
#0: ffff888017079138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 kernel/workqueue.c:2283
#1: ffffc90003107d20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 kernel/workqueue.c:2285
#2: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50 net/core/link_watch.c:251
3 locks held by syz-executor/6103:
#0: ffff88805d0fcff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 net/bluetooth/hci_core.c:1737
#1: ffff88805d0fc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 net/bluetooth/hci_core.c:1782
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:1517 [inline]
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 net/bluetooth/hci_conn.c:1622
1 lock held by syz.1.515/6227:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:699 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0 drivers/net/tun.c:3440
1 lock held by syz.3.518/6236:
3 locks held by syz-executor/6241:
#0: ffff88807d3f4ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x63/0x1070 net/bluetooth/hci_core.c:1737
#1: ffff88807d3f4078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x431/0x1070 net/bluetooth/hci_core.c:1782
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:1517 [inline]
#2: ffffffff8db7b5a8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x220 net/bluetooth/hci_conn.c:1622
2 locks held by syz-executor/6253:
#0: ffffffff8da26650 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x378/0x5d0 net/core/net_namespace.c:472
#1: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x80/0x270 net/ipv4/nexthop.c:3607
1 lock held by syz-executor/6256:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6261:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6265:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6269:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6271:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6279:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6280:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
2 locks held by syz-executor/6288:
1 lock held by syz-executor/6291:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
1 lock held by syz-executor/6292:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
2 locks held by syz-executor/6295:
1 lock held by syz-executor/6297:
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8da32208 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x94c/0xee0 net/core/rtnetlink.c:5644
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.170-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
nmi_cpu_backtrace+0x46a/0x4a0 lib/nmi_backtrace.c:111
nmi_trigger_cpumask_backtrace+0x181/0x2a0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
watchdog+0xe72/0xeb0 kernel/hung_task.c:295
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
</TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.170-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:kasan_check_range+0x1ac/0x290 mm/kasan/generic.c:189
Code: 4c 89 d5 48 8d 5d 07 48 85 ed 48 0f 49 dd 48 83 e3 f8 48 29 dd 74 12 41 80 39 00 0f 85 a2 00 00 00 49 ff c1 48 ff cd 75 ee 5b <41> 5e 41 5f 5d c3 45 84 f6 75 61 41 f7 c6 00 ff 00 00 75 5d 41 f7
RSP: 0018:ffffc900000079c0 EFLAGS: 00000056
RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8162c78b
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90763100
RBP: 0000000000000001 R08: dffffc0000000000 R09: fffffbfff20ec621
R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
R13: ffffffff8c6be0a8 R14: fffffbfff20ec621 R15: ffffffff8c6be0f8
FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe96a6a6d00 CR3: 0000000020484000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000400
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
<NMI>
</NMI>
<IRQ>
instrument_atomic_read include/linux/instrumented.h:71 [inline]
test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
hlock_class kernel/locking/lockdep.c:197 [inline]
check_wait_context kernel/locking/lockdep.c:4686 [inline]
__lock_acquire+0x49b/0x1ff0 kernel/locking/lockdep.c:4962
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
debug_object_activate+0x63/0x4e0 lib/debugobjects.c:694
debug_hrtimer_activate kernel/time/hrtimer.c:420 [inline]
debug_activate kernel/time/hrtimer.c:475 [inline]
enqueue_hrtimer+0x30/0x390 kernel/time/hrtimer.c:1084
__run_hrtimer kernel/time/hrtimer.c:1705 [inline]
__hrtimer_run_queues+0x6b6/0xcf0 kernel/time/hrtimer.c:1752
hrtimer_interrupt+0x392/0x980 kernel/time/hrtimer.c:1814
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1097 [inline]
__sysvec_apic_timer_interrupt+0x13b/0x4b0 arch/x86/kernel/apic/apic.c:1114
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1108 [inline]
sysvec_apic_timer_interrupt+0x9b/0xc0 arch/x86/kernel/apic/apic.c:1108
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:676
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:22 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline]
RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:132 [inline]
RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:109 [inline]
RIP: 0010:acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:562
Code: c9 42 f7 48 83 e3 08 0f 85 0a 01 00 00 4c 8d 74 24 20 e8 44 44 49 f7 0f 1f 44 00 00 e8 ea c5 42 f7 0f 00 2d 63 92 a5 00 fb f4 <4c> 89 f3 48 c1 eb 03 42 80 3c 3b 00 74 08 4c 89 f7 e8 1b 91 8c f7
RSP: 0018:ffffffff8c607b80 EFLAGS: 000002d3
RAX: ffffffff8a3dadd6 RBX: 0000000000000000 RCX: ffffffff8c6bd5c0
RDX: 0000000000000000 RSI: ffffffff8a8b2a80 RDI: ffffffff8ad90480
RBP: ffffffff8c607c10 R08: ffffffff8186f240 R09: fffffbfff18d7ab9
R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffffffff18c0f70
R13: ffff88801d9ae004 R14: ffffffff8c607ba0 R15: dffffc0000000000
acpi_idle_enter+0x352/0x4f0 drivers/acpi/processor_idle.c:697
cpuidle_enter_state+0x521/0xef0 drivers/cpuidle/cpuidle.c:237
cpuidle_enter+0x59/0x90 drivers/cpuidle/cpuidle.c:351
call_cpuidle kernel/sched/idle.c:158 [inline]
cpuidle_idle_call kernel/sched/idle.c:239 [inline]
do_idle+0x3e4/0x670 kernel/sched/idle.c:306
cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:403
start_kernel+0x48c/0x540 init/main.c:1140
secondary_startup_64_no_verify+0xb1/0xbb
</TASK>