INFO: task syz-executor.1:3084 blocked for more than 143 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.1 state:D stack:28544 pid: 3084 ppid: 2507 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
gtp_net_exit+0x1b5/0x380 drivers/net/gtp.c:1354
ops_exit_list+0xb0/0x160 net/core/net_namespace.c:186
setup_net+0x502/0x850 net/core/net_namespace.c:364
copy_net_ns+0x2cf/0x5e0 net/core/net_namespace.c:482
create_new_namespaces+0x3f6/0xb10 kernel/nsproxy.c:110
unshare_nsproxy_namespaces+0xbd/0x1f0 kernel/nsproxy.c:231
ksys_unshare+0x445/0x8e0 kernel/fork.c:2921
__do_sys_unshare kernel/fork.c:2989 [inline]
__se_sys_unshare kernel/fork.c:2987 [inline]
__x64_sys_unshare+0x2d/0x40 kernel/fork.c:2987
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007f3a9f81fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 0000000000036f40 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 000000000118bf50 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffc387fd3bf R14: 00007f3a9f8209c0 R15: 000000000118bf2c
INFO: task syz-executor.1:3087 blocked for more than 143 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.1 state:D stack:27664 pid: 3087 ppid: 2507 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
gtp_net_exit+0x1b5/0x380 drivers/net/gtp.c:1354
ops_exit_list+0xb0/0x160 net/core/net_namespace.c:186
setup_net+0x502/0x850 net/core/net_namespace.c:364
copy_net_ns+0x2cf/0x5e0 net/core/net_namespace.c:482
create_new_namespaces+0x3f6/0xb10 kernel/nsproxy.c:110
unshare_nsproxy_namespaces+0xbd/0x1f0 kernel/nsproxy.c:231
ksys_unshare+0x445/0x8e0 kernel/fork.c:2921
__do_sys_unshare kernel/fork.c:2989 [inline]
__se_sys_unshare kernel/fork.c:2987 [inline]
__x64_sys_unshare+0x2d/0x40 kernel/fork.c:2987
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007f3a9f7fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 0000000000036f40 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 000000000118bff8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bfd4
R13: 00007ffc387fd3bf R14: 00007f3a9f7ff9c0 R15: 000000000118bfd4
INFO: task syz-executor.3:3085 blocked for more than 144 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3 state:D stack:25632 pid: 3085 ppid: 6894 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
tcf_action_init_1+0x747/0x990 net/sched/act_api.c:966
tcf_action_init+0x265/0x4b0 net/sched/act_api.c:1040
tcf_action_add+0xd9/0x360 net/sched/act_api.c:1453
tc_ctl_action+0x33a/0x439 net/sched/act_api.c:1506
rtnetlink_rcv_msg+0x44e/0xad0 net/core/rtnetlink.c:5563
netlink_rcv_skb+0x15a/0x430 net/netlink/af_netlink.c:2470
netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1330
netlink_sendmsg+0x856/0xd90 net/netlink/af_netlink.c:1919
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:671
____sys_sendmsg+0x6e8/0x810 net/socket.c:2353
___sys_sendmsg+0xf3/0x170 net/socket.c:2407
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2440
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007fcb4e42ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000003
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffdc76185cf R14: 00007fcb4e42b9c0 R15: 000000000118bf2c
INFO: task syz-executor.3:3105 blocked for more than 145 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3 state:D stack:28640 pid: 3105 ppid: 6894 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
netlink_rcv_skb+0x15a/0x430 net/netlink/af_netlink.c:2470
netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1330
netlink_sendmsg+0x856/0xd90 net/netlink/af_netlink.c:1919
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:671
____sys_sendmsg+0x6e8/0x810 net/socket.c:2353
___sys_sendmsg+0xf3/0x170 net/socket.c:2407
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2440
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007fcb4e3e8c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000003
RBP: 000000000118c0b0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118c07c
R13: 00007ffdc76185cf R14: 00007fcb4e3e99c0 R15: 000000000118c07c
INFO: task syz-executor.2:3096 blocked for more than 145 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.2 state:D stack:28640 pid: 3096 ppid: 6892 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
netlink_rcv_skb+0x15a/0x430 net/netlink/af_netlink.c:2470
netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1330
netlink_sendmsg+0x856/0xd90 net/netlink/af_netlink.c:1919
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:671
____sys_sendmsg+0x6e8/0x810 net/socket.c:2353
___sys_sendmsg+0xf3/0x170 net/socket.c:2407
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2440
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007f854ab47c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007ffc873bf1bf R14: 00007f854ab489c0 R15: 000000000118bf2c
INFO: task syz-executor.2:3121 blocked for more than 146 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.2 state:D stack:28640 pid: 3121 ppid: 6892 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
netlink_rcv_skb+0x15a/0x430 net/netlink/af_netlink.c:2470
netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1330
netlink_sendmsg+0x856/0xd90 net/netlink/af_netlink.c:1919
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:671
____sys_sendmsg+0x6e8/0x810 net/socket.c:2353
___sys_sendmsg+0xf3/0x170 net/socket.c:2407
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2440
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007f854ab05c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
RBP: 000000000118c0b0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118c07c
R13: 00007ffc873bf1bf R14: 00007f854ab069c0 R15: 000000000118c07c
INFO: task syz-executor.4:3101 blocked for more than 146 seconds.
Not tainted 5.9.0-rc6-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.4 state:D stack:28640 pid: 3101 ppid: 6896 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0xec9/0x2280 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661
__mutex_lock_common kernel/locking/mutex.c:1033 [inline]
__mutex_lock+0x3e2/0x10e0 kernel/locking/mutex.c:1103
rtnl_lock net/core/rtnetlink.c:72 [inline]
rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
netlink_rcv_skb+0x15a/0x430 net/netlink/af_netlink.c:2470
netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline]
netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1330
netlink_sendmsg+0x856/0xd90 net/netlink/af_netlink.c:1919
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:671
____sys_sendmsg+0x6e8/0x810 net/socket.c:2353
___sys_sendmsg+0xf3/0x170 net/socket.c:2407
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2440
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45dd99
Code: Bad RIP value.
RSP: 002b:00007f84c6676c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d3c0 RCX: 000000000045dd99
RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003
RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c
R13: 00007fff3673911f R14: 00007f84c66779c0 R15: 000000000118bf2c
Showing all locks held in the system:
4 locks held by kworker/u4:0/7:
1 lock held by khungtaskd/1168:
#0: ffffffff8a067f00 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:5852
1 lock held by in:imklog/6556:
#0: ffff8880a788c1b0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:930
3 locks held by kworker/1:3/19282:
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
#0: ffff8880aa063d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240
#1: ffffc90008da7da8 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244
#2: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:74
3 locks held by kworker/0:14/19578:
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
#0: ffff888214da6538 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 kernel/workqueue.c:2240
#1: ffffc90008f77da8 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 kernel/workqueue.c:2244
#2: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4568
9 locks held by kworker/u4:11/15870:
#0: ffff8880ae435e18 (&rq->lock){-.-.}-{2:2}, at: newidle_balance+0x789/0xe50 kernel/sched/fair.c:10555
#1: ffff8880ae520ec8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x305/0x440 kernel/sched/psi.c:833
#2: ffffffff8a067f00 (rcu_read_lock){....}-{1:2}, at: batadv_nc_purge_orig_hash net/batman-adv/network-coding.c:405 [inline]
#2: ffffffff8a067f00 (rcu_read_lock){....}-{1:2}, at: batadv_nc_worker+0xf3/0xe50 net/batman-adv/network-coding.c:718
#3: ffffffff8d6a5370 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x12e/0x3e0 lib/debugobjects.c:636
#4: ffff8880ae525490 (krc.lock){..-.}-{2:2}, at: krc_this_cpu_lock kernel/rcu/tree.c:3072 [inline]
#4: ffff8880ae525490 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0xf5/0x780 kernel/rcu/tree.c:3385
#5: ffffffff8d6b8c78 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_active_state lib/debugobjects.c:902 [inline]
#5: ffffffff8d6b8c78 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_active_state+0x10b/0x350 lib/debugobjects.c:889
#6: ffff8880aa071818 (&pool->lock/1){..-.}-{2:2}, at: __queue_work+0x37b/0xf60 kernel/workqueue.c:1449
#7: ffff8880a85bac60 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x98/0x1350 kernel/sched/core.c:2859
#8: ffffffff8a067f00 (rcu_read_lock){....}-{1:2}, at: sock_def_readable+0x0/0x4c0 include/net/sock.h:1808
2 locks held by syz-executor.1/3084:
#0: ffffffff8b13c030 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2ac/0x5e0 net/core/net_namespace.c:478
#1: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: gtp_net_exit+0x1b5/0x380 drivers/net/gtp.c:1354
2 locks held by syz-executor.1/3087:
#0: ffffffff8b13c030 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2ac/0x5e0 net/core/net_namespace.c:478
#1: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: gtp_net_exit+0x1b5/0x380 drivers/net/gtp.c:1354
1 lock held by syz-executor.3/3085:
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: tcf_action_init_1+0x747/0x990 net/sched/act_api.c:966
2 locks held by syz-executor.3/3088:
1 lock held by syz-executor.3/3105:
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
1 lock held by syz-executor.2/3096:
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
1 lock held by syz-executor.2/3121:
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
1 lock held by syz-executor.4/3101:
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline]
#0: ffffffff8b14d828 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3f9/0xad0 net/core/rtnetlink.c:5560
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 1168 Comm: khungtaskd Not tainted 5.9.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x198/0x1fd lib/dump_stack.c:118
nmi_cpu_backtrace.cold+0x70/0xb1 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1b3/0x223 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline]
watchdog+0xd7d/0x1000 kernel/hung_task.c:295
kthread+0x3b5/0x4a0 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 21524 Comm: kworker/u4:8 Not tainted 5.9.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krdsd rds_connect_worker
RIP: 0010:unwind_next_frame+0x1bc/0x1f90 arch/x86/kernel/unwind_orc.c:449
Code: ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 39 0a 00 00 4c 89 e1 41 0f b6 47 35 48 ba 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 11 00 <0f> 85 6e 15 00 00 49 8b 4f 48 3c 01 49 c7 c0 c0 8f fc 89 48 83 d9
RSP: 0018:ffffc900000070f0 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 1ffff92000000e26 RCX: 1ffff92000000e42
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: 0000000000000002 R08: ffffffff8c31233a R09: 0000000000000001
R10: 000000000007601f R11: 0000000000000001 R12: ffffc90000007210
R13: ffffc900000071fd R14: ffffc90000007218 R15: ffffc900000071c8
FS: 0000000000000000(0000) GS:ffff8880ae400000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb35c005001 CR3: 00000000a81a7000 CR4: 00000000001506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
arch_stack_walk+0x81/0xf0 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0x8c/0xc0 kernel/stacktrace.c:123
kasan_save_stack+0x1b/0x40 mm/kasan/common.c:48
kasan_set_track mm/kasan/common.c:56 [inline]
__kasan_kmalloc.constprop.0+0xbf/0xd0 mm/kasan/common.c:461
slab_post_alloc_hook mm/slab.h:518 [inline]
slab_alloc mm/slab.c:3312 [inline]
kmem_cache_alloc+0x13a/0x3f0 mm/slab.c:3482
dst_alloc+0x9e/0x641 net/core/dst.c:93
rt_dst_alloc+0x73/0x430 net/ipv4/route.c:1636
__mkroute_output net/ipv4/route.c:2451 [inline]
ip_route_output_key_hash_rcu+0x843/0x2690 net/ipv4/route.c:2678
ip_route_output_key_hash+0x1a4/0x2f0 net/ipv4/route.c:2506
__ip_route_output_key include/net/route.h:126 [inline]
ip_route_output_flow+0x23/0xc0 net/ipv4/route.c:2767
inet_csk_route_child_sock+0x6eb/0xaa0 net/ipv4/inet_connection_sock.c:644
tcp_v4_syn_recv_sock+0xebf/0x1260 net/ipv4/tcp_ipv4.c:1533
tcp_v6_syn_recv_sock+0x1302/0x2140 net/ipv6/tcp_ipv6.c:1204
tcp_check_req+0x607/0x17b0 net/ipv4/tcp_minisocks.c:772
tcp_v4_rcv+0x21ba/0x3750 net/ipv4/tcp_ipv4.c:1963
ip_protocol_deliver_rcu+0x5c/0x8a0 net/ipv4/ip_input.c:204
ip_local_deliver_finish+0x20a/0x370 net/ipv4/ip_input.c:231
NF_HOOK include/linux/netfilter.h:301 [inline]
NF_HOOK include/linux/netfilter.h:295 [inline]
ip_local_deliver+0x1b3/0x200 net/ipv4/ip_input.c:252
dst_input include/net/dst.h:449 [inline]
ip_rcv_finish+0x1da/0x2f0 net/ipv4/ip_input.c:428
NF_HOOK include/linux/netfilter.h:301 [inline]
NF_HOOK include/linux/netfilter.h:295 [inline]
ip_rcv+0xaa/0xd0 net/ipv4/ip_input.c:539
__netif_receive_skb_one_core+0x114/0x180 net/core/dev.c:5286
__netif_receive_skb+0x27/0x1c0 net/core/dev.c:5400
process_backlog+0x2e1/0x8e0 net/core/dev.c:6242
napi_poll net/core/dev.c:6688 [inline]
net_rx_action+0x50d/0xfc0 net/core/dev.c:6758
__do_softirq+0x1f8/0xb23 kernel/softirq.c:298
asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:706
</IRQ>
__run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
do_softirq_own_stack+0x9d/0xd0 arch/x86/kernel/irq_64.c:77
do_softirq kernel/softirq.c:343 [inline]
do_softirq+0x154/0x1b0 kernel/softirq.c:330
__local_bh_enable_ip+0x196/0x1f0 kernel/softirq.c:195
local_bh_enable include/linux/bottom_half.h:32 [inline]
rcu_read_unlock_bh include/linux/rcupdate.h:723 [inline]
ip_finish_output2+0x869/0x21b0 net/ipv4/ip_output.c:230
__ip_finish_output net/ipv4/ip_output.c:307 [inline]
__ip_finish_output+0x7cf/0xd10 net/ipv4/ip_output.c:289
ip_finish_output+0x34/0x1f0 net/ipv4/ip_output.c:317
NF_HOOK_COND include/linux/netfilter.h:290 [inline]
ip_output+0x196/0x310 net/ipv4/ip_output.c:431
dst_output include/net/dst.h:443 [inline]
ip_local_out net/ipv4/ip_output.c:126 [inline]
__ip_queue_xmit+0x8e9/0x1a00 net/ipv4/ip_output.c:531
__tcp_transmit_skb+0x1884/0x3690 net/ipv4/tcp_output.c:1246
__tcp_send_ack.part.0+0x3aa/0x590 net/ipv4/tcp_output.c:3800
__tcp_send_ack net/ipv4/tcp_output.c:3806 [inline]
tcp_send_ack+0x7d/0xa0 net/ipv4/tcp_output.c:3806
tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6109 [inline]
tcp_rcv_state_process+0x374c/0x4add net/ipv4/tcp_input.c:6278
tcp_v4_do_rcv+0x320/0x870 net/ipv4/tcp_ipv4.c:1664
sk_backlog_rcv include/net/sock.h:1011 [inline]
__release_sock+0x134/0x3a0 net/core/sock.c:2542
release_sock+0x54/0x1b0 net/core/sock.c:3065
inet_stream_connect+0x76/0xa0 net/ipv4/af_inet.c:726
rds_tcp_conn_path_connect+0x61c/0x880 net/rds/tcp_connect.c:172
rds_connect_worker+0x1a5/0x2c0 net/rds/threads.c:176
process_one_work+0x94c/0x1670 kernel/workqueue.c:2269
worker_thread+0x64c/0x1120 kernel/workqueue.c:2415
kthread+0x3b5/0x4a0 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294