INFO: task hung in caif_exit

Kernel	Title	Count	Last	Reported	Patched	Status
upstream	INFO: task hung in caif_exit_net (3) net	1	865d	865d	0/28	auto-obsoleted due to no activity on 2023/02/10 18:53
upstream	INFO: task hung in caif_exit_net (2) net	1	1254d	1254d	0/28	auto-closed as invalid on 2022/01/16 13:12
upstream	INFO: task hung in caif_exit_net (4) net	6	280d	308d	0/28	auto-obsoleted due to no activity on 2024/09/16 03:37

INFO: task kworker/u4:7:291 blocked for more than 143 seconds. Not tainted 5.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:7 state:D stack:24040 pid: 291 ppid: 2 flags:0x00004000 Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0xea9/0x2230 kernel/sched/core.c:4527 schedule+0xd0/0x2a0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103 caif_exit_net+0x2cd/0x8c0 net/caif/caif_dev.c:522 ops_exit_list+0xb0/0x160 net/core/net_namespace.c:186 cleanup_net+0x4ea/0xa00 net/core/net_namespace.c:603 process_one_work+0x94c/0x1670 kernel/workqueue.c:2269 worker_thread+0x64c/0x1120 kernel/workqueue.c:2415 kthread+0x3b5/0x4a0 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.2:20672 blocked for more than 143 seconds. Not tainted 5.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.2 state:D stack:25368 pid:20672 ppid: 6864 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0xea9/0x2230 kernel/sched/core.c:4527 schedule+0xd0/0x2a0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103 netdev_run_todo+0x705/0xac0 net/core/dev.c:10107 ip_tunnel_delete_nets+0x3df/0x580 net/ipv4/ip_tunnel.c:1126 ops_exit_list+0x10d/0x160 net/core/net_namespace.c:189 setup_net+0x502/0x850 net/core/net_namespace.c:364 copy_net_ns+0x2cf/0x5e0 net/core/net_namespace.c:482 create_new_namespaces+0x3f6/0xb10 kernel/nsproxy.c:110 copy_namespaces+0x385/0x470 kernel/nsproxy.c:179 copy_process+0x294b/0x6920 kernel/fork.c:2072 _do_fork+0xe8/0xb10 kernel/fork.c:2428 __do_sys_clone+0xc8/0x110 kernel/fork.c:2545 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007f2811587c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d5b9 RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000e1004d7c RBP: 000000000118cf90 R08: ffffffffffffffff R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c R13: 00007ffff8b5c16f R14: 00007f28115889c0 R15: 000000000118cf4c INFO: task syz-executor.3:20677 blocked for more than 144 seconds. Not tainted 5.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.3 state:D stack:25344 pid:20677 ppid: 6866 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0xea9/0x2230 kernel/sched/core.c:4527 schedule+0xd0/0x2a0 kernel/sched/core.c:4602 schedule_timeout+0x1d8/0x250 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x163/0x260 kernel/sched/completion.c:138 INFO: task syz-executor.0:20741 blocked for more than 144 seconds. Not tainted 5.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:25776 pid:20741 ppid: 9805 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0xea9/0x2230 kernel/sched/core.c:4527 schedule+0xd0/0x2a0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103 ip_tunnel_init_net+0x31c/0x980 net/ipv4/ip_tunnel.c:1071 ops_init+0xaf/0x470 net/core/net_namespace.c:151 setup_net+0x2d8/0x850 net/core/net_namespace.c:341 copy_net_ns+0x2cf/0x5e0 net/core/net_namespace.c:482 create_new_namespaces+0x3f6/0xb10 kernel/nsproxy.c:110 copy_namespaces+0x385/0x470 kernel/nsproxy.c:179 copy_process+0x294b/0x6920 kernel/fork.c:2072 _do_fork+0xe8/0xb10 kernel/fork.c:2428 __do_sys_clone+0xc8/0x110 kernel/fork.c:2545 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007f2501646c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d5b9 RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000e1004d7c RBP: 000000000118cf90 R08: ffffffffffffffff R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c R13: 00007fff14b0062f R14: 00007f25016479c0 R15: 000000000118cf4c Showing all locks held in the system: 3 locks held by kworker/1:1/23: #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240 #1: ffffc90000df7da8 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244 #2: ffffffff8a7ea708 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:74 6 locks held by kworker/u4:7/291: #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff8880a9012138 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240 #1: ffffc90001da7da8 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244 #2: ffffffff8a7dd6b0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9b/0xa00 net/core/net_namespace.c:565 #3: ffffffff8a7ea708 (rtnl_mutex){+.+.}-{3:3}, at: caif_exit_net+0x2cd/0x8c0 net/caif/caif_dev.c:522 #4: ffff8880a8c4c380 (&caifn->caifdevs.lock){+.+.}-{3:3}, at: caif_exit_net+0x2e9/0x8c0 net/caif/caif_dev.c:523 #5: ffffffff89bdb0a8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline] #5: ffffffff89bdb0a8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4e8/0x5f0 kernel/rcu/tree_exp.h:838 1 lock held by khungtaskd/1141: #0: ffffffff89bd6a40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:5829 1 lock held by in:imklog/6524: #0: ffff88809eb020f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:930 2 locks held by kworker/1:3/6750: #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff8880aa073538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240 #1: ffffc90001f77da8 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244 2 locks held by agetty/6769: #0: ffff88809efbe098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:267 #1: ffffc900029cd2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x223/0x1a30 drivers/tty/n_tty.c:2156 3 locks held by kworker/1:4/8128: #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888099a4cd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240 #1: ffffc90015c37da8 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244 #2: ffffffff8a7ea708 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4568 3 locks held by kworker/u4:0/18089: #0: ffff8880ae735e18 (&rq->lock){-.-.}-{2:2}, at: newidle_balance+0x77f/0xe30 kernel/sched/fair.c:10555 #1: ffffffff89bd6a40 (rcu_read_lock){....}-{1:2}, at: cpu_of kernel/sched/sched.h:1072 [inline] #1: ffffffff89bd6a40 (rcu_read_lock){....}-{1:2}, at: __update_idle_core+0x39/0x3e0 kernel/sched/fair.c:6014 #2: ffff8880ae7255d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x55/0x1a0 kernel/time/timer.c:947 2 locks held by syz-executor.2/20672: #0: ffffffff8a7dd6b0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2ac/0x5e0 net/core/net_namespace.c:478 #1: ffffffff8a7ea708 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x705/0xac0 net/core/dev.c:10107 2 locks held by syz-executor.3/20677: #0: ffffffff8a7dd6b0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2ac/0x5e0 net/core/net_namespace.c:478 #1: ffffffff89bdafb0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x44/0x4f0 kernel/rcu/tree.c:3744 2 locks held by syz-executor.0/20741: #0: ffffffff8a7dd6b0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2ac/0x5e0 net/core/net_namespace.c:478 #1: ffffffff8a7ea708 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x15/0x160 drivers/net/wireguard/device.c:401 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1141 Comm: khungtaskd Not tainted 5.9.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x198/0x1fd lib/dump_stack.c:118 nmi_cpu_backtrace.cold+0x70/0xb1 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1b3/0x223 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline] watchdog+0xd7d/0x1000 kernel/hung_task.c:295 kthread+0x3b5/0x4a0 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 3890 Comm: systemd-journal Not tainted 5.9.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:selinux_inode_setattr+0x0/0x2e0 security/selinux/hooks.c:3070 Code: d6 d9 fe ff 41 89 c4 e9 36 ff ff ff 41 bc f3 ff ff ff e9 2b ff ff ff e8 de 96 99 04 e8 49 4e 59 fe eb 8b e8 42 4e 59 fe eb a7 <41> 57 41 56 49 be 00 00 00 00 00 fc ff df 41 55 41 54 49 89 f4 55 RSP: 0018:ffffc90001fc7d70 EFLAGS: 00000246 RAX: 1ffffffff140b24a RBX: ffffffff8a059238 RCX: ffffffff835888f6 RDX: ffff8880a87e0400 RSI: ffffc90001fc7e40 RDI: ffff8880a9c651b8 RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffffff8c5f5a7f R10: 0000000000000000 R11: 0000000000000001 R12: ffffc90001fc7e40 R13: ffff8880a9c651b8 R14: ffffc90001fc7e40 R15: 0000000000000000 FS: 00007f949ca4d8c0(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f9499f5d000 CR3: 0000000090b2d000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: security_inode_setattr+0xbd/0x140 security/security.c:1267 notify_change+0x568/0x10a0 fs/attr.c:328 do_truncate+0x134/0x1f0 fs/open.c:64 do_sys_ftruncate+0x4a0/0x570 fs/open.c:195 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7f949bd10ec7 Code: 73 01 c3 48 8b 0d d1 5f 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 4d 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 5f 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fffc70d37a8 EFLAGS: 00000206 ORIG_RAX: 000000000000004d RAX: ffffffffffffffda RBX: 00007fffc70d37e0 RCX: 00007f949bd10ec7 RDX: 000055f200699ea0 RSI: 0000000000800000 RDI: 0000000000000010 RBP: 00007fffc70d37d8 R08: 0000000000000008 R09: 000055f20069a27c R10: 000055f20069a200 R11: 0000000000000206 R12: 000055f20069a200 R13: 00007fffc70d38d8 R14: 000055f1ff569958 R15: 0005aede9684e2d0