syzbot


INFO: task hung in ipv6_route_ioctl (2)

Status: auto-closed as invalid on 2021/05/07 00:43
Subsystems: net
First crash: 1263d, last: 1263d
Similar bugs (5)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-4.19 | INFO: task hung in ipv6_route_ioctl | | | | 1 | 967d | 967d | 0/1 | auto-closed as invalid on 2022/03/28 22:32 |
| upstream | INFO: task hung in ipv6_route_ioctl net | | | | 2 | 1384d | 1385d | 0/27 | auto-closed as invalid on 2021/01/06 04:59 |
| linux-5.15 | INFO: task hung in ipv6_route_ioctl | | | | 2 | 34d | 35d | 0/3 | upstream: reported on 2024/06/17 16:53 |
| linux-4.19 | INFO: task hung in ipv6_route_ioctl (2) | | | | 1 | 542d | 542d | 0/1 | upstream: reported on 2023/01/28 02:21 |
| upstream | INFO: task hung in rtnetlink_rcv_msg net | C | inconclusive | inconclusive | 1970 | 14d | 1977d | 27/27 | fixed on 2024/07/09 19:14 |

Sample crash report:
INFO: task syz-executor.3:21791 blocked for more than 143 seconds.
      Not tainted 5.11.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3  state:D stack:27616 pid:21791 ppid:  8454 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
 inet6_ioctl+0x242/0x280 net/ipv6/af_inet6.c:561
 sock_do_ioctl+0xcb/0x2d0 net/socket.c:1037
 sock_ioctl+0x477/0x6a0 net/socket.c:1177
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465b09
RSP: 002b:00007fbb5fe57188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c158 RCX: 0000000000465b09
RDX: 00000000200003c0 RSI: 000000000000890b RDI: 0000000000000006
RBP: 00000000004b069f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c158
R13: 00007ffe88c26a4f R14: 00007fbb5fe57300 R15: 0000000000022000
INFO: task syz-executor.4:21773 blocked for more than 143 seconds.
      Not tainted 5.11.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.4  state:D stack:27656 pid:21773 ppid:  8456 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 wext_ioctl_dispatch net/wireless/wext-core.c:987 [inline]
 wext_ioctl_dispatch net/wireless/wext-core.c:976 [inline]
 wext_handle_ioctl+0x120/0x280 net/wireless/wext-core.c:1049
 sock_ioctl+0x410/0x6a0 net/socket.c:1109
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465b09
RSP: 002b:00007f684319c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465b09
RDX: 0000000020000080 RSI: 0000000000008b05 RDI: 0000000000000005
RBP: 00000000004b069f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffd24b55e3f R14: 00007f684319c300 R15: 0000000000022000
INFO: task syz-executor.0:21797 blocked for more than 144 seconds.
      Not tainted 5.11.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:29480 pid:21797 ppid:  8448 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
 inet6_ioctl+0x242/0x280 net/ipv6/af_inet6.c:561
 sock_do_ioctl+0xcb/0x2d0 net/socket.c:1037
 sock_ioctl+0x477/0x6a0 net/socket.c:1177
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465b09
RSP: 002b:00007ff3b9be1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465b09
RDX: 00000000200003c0 RSI: 000000000000890b RDI: 0000000000000004
RBP: 00000000004b069f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffcfcf8c17f R14: 00007ff3b9be1300 R15: 0000000000022000
INFO: task syz-executor.0:21806 blocked for more than 144 seconds.
      Not tainted 5.11.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:29480 pid:21806 ppid:  8448 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
 inet6_ioctl+0x242/0x280 net/ipv6/af_inet6.c:561
 sock_do_ioctl+0xcb/0x2d0 net/socket.c:1037
 sock_ioctl+0x477/0x6a0 net/socket.c:1177
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465b09
RSP: 002b:00007ff3b9bc0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465b09
RDX: 00000000200003c0 RSI: 000000000000890b RDI: 0000000000000004
RBP: 00000000004b069f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
R13: 00007ffcfcf8c17f R14: 00007ff3b9bc0300 R15: 0000000000022000
INFO: task syz-executor.5:21798 blocked for more than 145 seconds.
      Not tainted 5.11.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.5  state:D stack:29480 pid:21798 ppid:  8472 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
 inet6_ioctl+0x242/0x280 net/ipv6/af_inet6.c:561
 sock_do_ioctl+0xcb/0x2d0 net/socket.c:1037
 sock_ioctl+0x477/0x6a0 net/socket.c:1177
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465b09
RSP: 002b:00007face1e72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465b09
RDX: 00000000200003c0 RSI: 000000000000890c RDI: 0000000000000004
RBP: 00000000004b069f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffdb8eb302f R14: 00007face1e72300 R15: 0000000000022000

Showing all locks held in the system:
1 lock held by khungtaskd/1659:
 #0: ffffffff8bd73da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6259
2 locks held by systemd-journal/4887:
1 lock held by in:imklog/8159:
 #0: ffff888012bef9f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:947
3 locks held by kworker/u4:1/26783:
3 locks held by kworker/1:4/25404:
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888021645138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc900074efda8 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4570
1 lock held by syz-executor.3/21791:
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
1 lock held by syz-executor.4/21773:
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: wext_ioctl_dispatch net/wireless/wext-core.c:987 [inline]
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: wext_ioctl_dispatch net/wireless/wext-core.c:976 [inline]
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: wext_handle_ioctl+0x120/0x280 net/wireless/wext-core.c:1049
1 lock held by syz-executor.2/21786:
1 lock held by syz-executor.0/21797:
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
1 lock held by syz-executor.0/21806:
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361
1 lock held by syz-executor.5/21798:
 #0: ffffffff8d4590e8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_route_ioctl+0x3c7/0x570 net/ipv6/route.c:4361

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1659 Comm: khungtaskd Not tainted 5.11.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:120
 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline]
 watchdog+0xd43/0xfa0 kernel/hung_task.c:294
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 4887 Comm: systemd-journal Not tainted 5.11.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:lookup_object lib/debugobjects.c:198 [inline]
RIP: 0010:debug_object_deactivate lib/debugobjects.c:732 [inline]
RIP: 0010:debug_object_deactivate+0x145/0x300 lib/debugobjects.c:718
Code: 8b ab c0 df d3 8f 31 db 48 85 ed 74 44 49 bc 00 00 00 00 00 fc ff df 48 8d 7d 18 83 c3 01 48 89 f8 48 c1 e8 03 42 80 3c 20 00 <0f> 85 1e 01 00 00 4c 3b 7d 18 74 74 48 89 e8 48 c1 e8 03 42 80 3c
RSP: 0018:ffffc90000db0d40 EFLAGS: 00000046
RAX: 1ffff1100218a7df RBX: 000000000000000e RCX: ffffffff81596d60
RDX: 1ffffffff1fb352f RSI: 0000000000000006 RDI: ffff888010c53ef8
RBP: ffff888010c53ee0 R08: ffffffff8fd9a968 R09: 0000000000000003
R10: fffff520001b6196 R11: 0000000000000000 R12: dffffc0000000000
R13: ffffffff894d9b00 R14: 1ffff920001b61aa R15: ffff8880b9d27380
FS:  00007f52cfc238c0(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f52cd494000 CR3: 0000000012118000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 debug_hrtimer_deactivate kernel/time/hrtimer.c:425 [inline]
 debug_deactivate kernel/time/hrtimer.c:481 [inline]
 __run_hrtimer kernel/time/hrtimer.c:1487 [inline]
 __hrtimer_run_queues+0x3f8/0xe40 kernel/time/hrtimer.c:1583
 hrtimer_interrupt+0x334/0x940 kernel/time/hrtimer.c:1645
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1085 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x540 arch/x86/kernel/apic/apic.c:1102
 asm_call_irq_on_stack+0xf/0x20
 </IRQ>
 __run_sysvec_on_irqstack arch/x86/include/asm/irq_stack.h:37 [inline]
 run_sysvec_on_irqstack_cond arch/x86/include/asm/irq_stack.h:89 [inline]
 sysvec_apic_timer_interrupt+0xbd/0x100 arch/x86/kernel/apic/apic.c:1096
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:26 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:163 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:197
Code: 00 00 00 4d 8b 0b 48 0f bd c8 49 8b 14 24 48 63 c9 e9 66 ff ff ff 4c 01 ca 49 89 13 e9 00 fd ff ff 66 0f 1f 84 00 00 00 00 00 <65> 8b 05 c9 31 8f 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
RSP: 0018:ffffc900010efc38 EFLAGS: 00000202
RAX: 00000000002cff91 RBX: 000000000000199f RCX: ffffffff81584017
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00000000000023d6 R08: 0000000000000001 R09: ffffffff8f866847
R10: fffffbfff1f0cd08 R11: 0000000000000000 R12: 0000000000000041
R13: 0000000000000000 R14: ffffffff815af9d0 R15: 0000000000000001
 devkmsg_poll+0x122/0x1d0 kernel/printk/printk.c:832
 vfs_poll include/linux/poll.h:90 [inline]
 ep_item_poll+0xf4/0x190 fs/eventpoll.c:840
 ep_send_events fs/eventpoll.c:1677 [inline]
 ep_poll fs/eventpoll.c:1792 [inline]
 do_epoll_wait+0x724/0x1920 fs/eventpoll.c:2220
 __do_sys_epoll_wait fs/eventpoll.c:2232 [inline]
 __se_sys_epoll_wait fs/eventpoll.c:2227 [inline]
 __x64_sys_epoll_wait+0x158/0x270 fs/eventpoll.c:2227
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f52ceeec2e3
Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 3d 29 54 2b 00 00 75 13 49 89 ca b8 e8 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 0b c2 00 00 48 89 04 24
RSP: 002b:00007ffc46d35e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8
RAX: ffffffffffffffda RBX: 000055a58c0461e0 RCX: 00007f52ceeec2e3
RDX: 0000000000000013 RSI: 00007ffc46d35e30 RDI: 0000000000000008
RBP: 00007ffc46d36020 R08: 000055a58c048870 R09: 00007ffc46dbb080
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc46d35e30
R13: 0000000000000001 R14: 0000000000000000 R15: 0005baa026b956d3

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/02/06 00:38 | net-old | b3d2c7b876d4 | 23a562df | .config | console log | report | | | info | | ci-upstream-net-this-kasan-gce | INFO: task hung in ipv6_route_ioctl |