audit: type=1400 audit(2000000079.296:1259): avc: denied { create } for pid=31403 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=0
INFO: task kworker/u4:25:21932 blocked for more than 140 seconds.
Not tainted 4.9.170+ #45
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:25 D25256 21932 2 0x80000000
Workqueue: netns cleanup_net
ffff8801c40297c0 ffff8801d2d30580 ffff8801db621000 ffff880187f1df00
ffff8801db621018 ffff8801b23379a8 ffffffff8280185e 000060fe2460c518
1ffff10036466f2c 0000000000000000 ffff8801db6218f0 1ffff10036466f24
Call Trace:
[<00000000ef4404b8>] schedule+0x92/0x1c0 kernel/sched/core.c:3546
[<0000000002c45c96>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3579
[<000000006120828e>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
[<000000006120828e>] mutex_lock_nested+0x38d/0x920 kernel/locking/mutex.c:621
[<00000000e4dda4c9>] cleanup_net+0x131/0x8a0 net/core/net_namespace.c:440
[<0000000075381d89>] process_one_work+0x88b/0x1600 kernel/workqueue.c:2114
[<000000009e5fc9e2>] worker_thread+0x5df/0x11d0 kernel/workqueue.c:2251
[<0000000030693a1f>] kthread+0x278/0x310 kernel/kthread.c:211
[<0000000088b1d35d>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Showing all locks held in the system:
3 locks held by kworker/1:0/18:
#0: ("%s"("ipv6_addrconf")){.+.+..}, at: [<00000000b488b54d>] process_one_work+0x790/0x1600 kernel/workqueue.c:2107
#1: ((addr_chk_work).work){+.+...}, at: [<00000000f7ac442d>] process_one_work+0x7ce/0x1600 kernel/workqueue.c:2111
#2: (rtnl_mutex){+.+.+.}, at: [<000000005a4f895e>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
2 locks held by khungtaskd/24:
#0: (rcu_read_lock){......}, at: [<000000007dbd2115>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline]
#0: (rcu_read_lock){......}, at: [<000000007dbd2115>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263
#1: (tasklist_lock){.+.+..}, at: [<000000008c987e8f>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4339
2 locks held by getty/2024:
#0: (&tty->ldisc_sem){++++++}, at: [<000000008f49366d>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.+.}, at: [<00000000765675cb>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156
3 locks held by kworker/u4:25/21932:
#0: ("%s""netns"){.+.+.+}, at: [<00000000b488b54d>] process_one_work+0x790/0x1600 kernel/workqueue.c:2107
#1: (net_cleanup_work){+.+.+.}, at: [<00000000f7ac442d>] process_one_work+0x7ce/0x1600 kernel/workqueue.c:2111
#2: (net_mutex){+.+.+.}, at: [<00000000e4dda4c9>] cleanup_net+0x131/0x8a0 net/core/net_namespace.c:440
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.170+ #45
ffff8801d98d7cc8 ffffffff81b4fb21 0000000000000001 0000000000000000
0000000000000001 ffffffff81097401 dffffc0000000000 ffff8801d98d7d00
ffffffff81b5adbc 0000000000000001 0000000000000000 0000000000000001
Call Trace:
[<00000000d8155db3>] __dump_stack lib/dump_stack.c:15 [inline]
[<00000000d8155db3>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
[<0000000086e32dd2>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99
[<00000000209d5fc2>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60
[<000000007fa18fd4>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
[<00000000e7306c50>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
[<00000000e7306c50>] check_hung_task kernel/hung_task.c:126 [inline]
[<00000000e7306c50>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline]
[<00000000e7306c50>] watchdog+0x670/0xaf0 kernel/hung_task.c:263
[<0000000030693a1f>] kthread+0x278/0x310 kernel/kthread.c:211
[<0000000088b1d35d>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 30813 Comm: syz-executor.4 Not tainted 4.9.170+ #45
task: 0000000066a1170c task.stack: 000000002b1a619c
RIP: 0010:[<ffffffff8120037f>] �c [<00000000bbbbd8ad>] perf_trace_lock+0x1f/0x540 include/trace/events/lock.h:38
RSP: 0000:ffff88018bcd7aa0 EFLAGS: 00000087
RAX: 1ffff10038ccf383 RBX: ffff8801c6679c28 RCX: 1ffffffff063f7a4
RDX: dffffc0000000000 RSI: ffff8801d2d30680 RDI: ffffffff830c1dc0
RBP: ffff88018bcd7ab8 R08: 0000000000000001 R09: 0000000000006f64
R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8149a1d4
R13: dffffc0000000000 R14: ffffffff830c1d40 R15: ffff88018bcd7a90
FS: 00007feac2ca4700(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000004d1d3401c65 CR3: 000000017e888000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
dffffc0000000000�c ffff8801d2d30680�c ffffffff81200360�c ffff88018bcd7b70�c
ffffffff8120da6a�c 71109f33ab500c84�c 0000000000000246�c ffff880187f1df00�c
0000000000000000�c 0000000000000000�c 0000000000000001�c ffff88018bcd7b70�c
Call Trace:
[<000000006e951ce3>] trace_lock_release include/trace/events/lock.h:57 [inline]
[<000000006e951ce3>] lock_release+0x92a/0xc30 kernel/locking/lockdep.c:3777
[<000000009fe6074a>] __might_fault mm/memory.c:4054 [inline]
[<000000009fe6074a>] __might_fault+0x189/0x1d0 mm/memory.c:4039
[<000000000ce465fd>] __copy_to_user arch/x86/include/asm/uaccess_64.h:181 [inline]
[<000000000ce465fd>] save_xstate_epilog arch/x86/kernel/fpu/signal.c:88 [inline]
[<000000000ce465fd>] copy_fpstate_to_sigframe+0x2e7/0x710 arch/x86/kernel/fpu/signal.c:201
[<000000001285a2bb>] get_sigframe arch/x86/kernel/signal.c:282 [inline]
[<000000001285a2bb>] __setup_rt_frame arch/x86/kernel/signal.c:463 [inline]
[<000000001285a2bb>] setup_rt_frame arch/x86/kernel/signal.c:697 [inline]
[<000000001285a2bb>] handle_signal arch/x86/kernel/signal.c:741 [inline]
[<000000001285a2bb>] do_signal+0xf80/0x1920 arch/x86/kernel/signal.c:809
[<000000004a7c37ae>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:158
[<00000000ec5ebf78>] prepare_exit_to_usermode+0x143/0x1b0 arch/x86/entry/common.c:194
[<000000004f12fa7e>] retint_user+0x8/0x3c
Code: �cfe �cff �cff �c66 �c0f �c1f �c84 �c00 �c00 �c00 �c00 �c00 �c48 �cba �c00 �c00 �c00 �c00 �c00 �cfc �cff �cdf �c55 �c48 �c89 �ce5 �c41 �c57 �c41 �c56 �c4c �c8d �c7d �cd8 �c49 �c89 �cfe �c48 �c83 �cef �c80 �c41 �c55 �c<41> �c54 �c4c �c8d �ca5 �c58 �cff �cff �cff �c49 �cc1 �cec �c03 �c53 �c49 �c8d �c04 �c14 �c48 �c81 �cec �c