INFO: task hung in sit_exit_batch

Kernel	Title	Count	Last	Reported	Patched	Status
upstream	INFO: task hung in sit_exit_batch_net net	2	1971d	1980d	0/28	closed as invalid on 2019/10/23 07:54
linux-6.1	INFO: task hung in sit_exit_batch_net	1	226d	226d	0/3	auto-obsoleted due to no activity on 2024/09/25 01:30
upstream	INFO: task hung in sit_exit_batch_net (3) net	1	945d	945d	0/28	auto-closed as invalid on 2022/09/26 13:51
upstream	INFO: task hung in sit_exit_batch_net (2) net	1	1521d	1521d	0/28	auto-closed as invalid on 2021/02/27 16:17
linux-4.19	INFO: task hung in sit_exit_batch_net	2	1121d	1157d	0/1	auto-closed as invalid on 2022/05/03 11:37

INFO: task kworker/u4:18:5853 blocked for more than 143 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:18 state:D stack:23560 pid:5853 ppid:2 flags:0x00004000 Workqueue: netns cleanup_net Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 sit_exit_batch_net+0x8c/0x750 net/ipv6/sit.c:1881 ops_exit_list+0x125/0x170 net/core/net_namespace.c:174 cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:606 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> INFO: task kworker/0:7:10419 blocked for more than 143 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:7 state:D stack:21992 pid:10419 ppid:2 flags:0x00004000 Workqueue: events switchdev_deferred_process_work Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:75 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> INFO: task kworker/1:13:20738 blocked for more than 143 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:13 state:D stack:23672 pid:20738 ppid:2 flags:0x00004000 Workqueue: events linkwatch_event Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 linkwatch_event+0xf/0x70 net/core/link_watch.c:263 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> INFO: task kworker/0:11:21339 blocked for more than 143 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:11 state:D stack:26928 pid:21339 ppid:2 flags:0x00004000 Workqueue: ipv6_addrconf addrconf_verify_work Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4624 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> INFO: task kworker/1:24:21409 blocked for more than 144 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:24 state:D stack:24192 pid:21409 ppid:2 flags:0x00004000 Workqueue: ipv6_addrconf addrconf_verify_work Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4624 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> INFO: task syz-executor.5:22088 blocked for more than 144 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.5 state:D stack:26592 pid:22088 ppid:5341 flags:0x00004004 Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 ip_tunnel_init_net+0x2dd/0x9f0 net/ipv4/ip_tunnel.c:1072 ops_init+0xb9/0x680 net/core/net_namespace.c:135 setup_net+0x793/0xe60 net/core/net_namespace.c:333 copy_net_ns+0x31b/0x6b0 net/core/net_namespace.c:483 create_new_namespaces+0x3f6/0xb20 kernel/nsproxy.c:110 copy_namespaces+0x3b3/0x4a0 kernel/nsproxy.c:179 copy_process+0x30d3/0x75c0 kernel/fork.c:2269 kernel_clone+0xeb/0xa40 kernel/fork.c:2681 __do_sys_clone+0xba/0x100 kernel/fork.c:2822 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7ff9fb28c189 RSP: 002b:00007ff9fbf9f118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007ff9fb3abf80 RCX: 00007ff9fb28c189 RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000040000000 RBP: 00007ff9fb2e7b01 R08: 0000000020000280 R09: 0000000020000280 R10: 0000000020000240 R11: 0000000000000206 R12: 0000000000000000 R13: 00007ffce049cf3f R14: 00007ff9fbf9f300 R15: 0000000000022000 </TASK> INFO: task syz-executor.0:22099 blocked for more than 144 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:27728 pid:22099 ppid:11344 flags:0x00000004 Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 rtnl_lock net/core/rtnetlink.c:75 [inline] rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 netlink_rcv_skb+0x165/0x440 net/netlink/af_netlink.c:2564 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline] netlink_unicast+0x547/0x7f0 net/netlink/af_netlink.c:1356 netlink_sendmsg+0x91b/0xe10 net/netlink/af_netlink.c:1932 sock_sendmsg_nosec net/socket.c:714 [inline] sock_sendmsg+0xd3/0x120 net/socket.c:734 ____sys_sendmsg+0x334/0x8c0 net/socket.c:2476 ___sys_sendmsg+0x110/0x1b0 net/socket.c:2530 __sys_sendmmsg+0x1b7/0x540 net/socket.c:2616 __do_sys_sendmmsg net/socket.c:2645 [inline] __se_sys_sendmmsg net/socket.c:2642 [inline] __x64_sys_sendmmsg+0x9d/0x100 net/socket.c:2642 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f437708c189 RSP: 002b:00007f4377e22168 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00007f43771ac050 RCX: 00007f437708c189 RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 RBP: 00007f43770e7b01 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe80d9219f R14: 00007f4377e22300 R15: 0000000000022000 </TASK> INFO: task syz-executor.4:22091 blocked for more than 145 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.4 state:D stack:28088 pid:22091 ppid:5331 flags:0x00000004 Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 tun_detach drivers/net/tun.c:698 [inline] tun_chr_close+0x3e/0x190 drivers/net/tun.c:3460 __fput+0x27c/0xa90 fs/file_table.c:320 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x23c/0x250 kernel/entry/common.c:203 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7ffa95a3e00b RSP: 002b:00007fff18b5af50 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007ffa95a3e00b RDX: 0000000000000000 RSI: 00007ffa95600000 RDI: 0000000000000005 RBP: 00007ffa95bad980 R08: 0000000000000000 R09: 00000000199f6e05 R10: 0000000000000000 R11: 0000000000000293 R12: 000000000015deeb R13: 00007fff18b5b050 R14: 00007ffa95bac050 R15: 0000000000000032 </TASK> INFO: task syz-executor.1:22101 blocked for more than 145 seconds. Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:28240 pid:22101 ppid:11386 flags:0x00000004 Call Trace: <TASK> context_switch kernel/sched/core.c:5229 [inline] __schedule+0xb8a/0x5450 kernel/sched/core.c:6541 schedule+0xde/0x1b0 kernel/sched/core.c:6617 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6676 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa48/0x1360 kernel/locking/mutex.c:747 tun_detach drivers/net/tun.c:698 [inline] tun_chr_close+0x3e/0x190 drivers/net/tun.c:3460 __fput+0x27c/0xa90 fs/file_table.c:320 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x23c/0x250 kernel/entry/common.c:203 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f0bdfa3e00b RSP: 002b:00007ffd21ab1140 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f0bdfa3e00b RDX: 0000000000000000 RSI: 00007f0bdf600000 RDI: 0000000000000005 RBP: 00007f0bdfbad980 R08: 0000000000000000 R09: 0000000026cf62dc R10: 0000000000000000 R11: 0000000000000293 R12: 000000000015e1a6 R13: 00007ffd21ab1240 R14: 00007f0bdfbac050 R15: 0000000000000032 </TASK> Showing all locks held in the system: 1 lock held by rcu_tasks_kthre/12: #0: ffffffff8c78fb30 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507 1 lock held by rcu_tasks_trace/13: #0: ffffffff8c78f830 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507 1 lock held by khungtaskd/28: #0: ffffffff8c790680 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x57/0x264 kernel/locking/lockdep.c:6494 2 locks held by getty/4975: #0: ffff888027f66098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 drivers/tty/tty_ldisc.c:244 #1: ffffc900015b52f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 drivers/tty/n_tty.c:2177 4 locks held by kworker/u4:18/5853: #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline] #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline] #0: ffff8880125d7938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260 #1: ffffc9000a8a7da8 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264 #2: ffffffff8e0cd8d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9f/0xb10 net/core/net_namespace.c:568 #3: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: sit_exit_batch_net+0x8c/0x750 net/ipv6/sit.c:1881 3 locks held by kworker/0:7/10419: #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260 #1: ffffc9001625fda8 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264 #2: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:75 3 locks held by kworker/1:13/20738: #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260 #1: ffffc9000f117da8 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264 #2: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xf/0x70 net/core/link_watch.c:263 3 locks held by kworker/0:11/21339: #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260 #1: ffffc9000ac5fda8 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264 #2: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4624 3 locks held by kworker/1:24/21409: #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline] #0: ffff88802761b938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260 #1: ffffc9000337fda8 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264 #2: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4624 2 locks held by syz-executor.5/22088: #0: ffffffff8e0cd8d0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x2f8/0x6b0 net/core/net_namespace.c:479 #1: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x2dd/0x9f0 net/ipv4/ip_tunnel.c:1072 1 lock held by syz-executor.0/22099: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.4/22091: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:698 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x190 drivers/net/tun.c:3460 1 lock held by syz-executor.2/22097: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.1/22101: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:698 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x190 drivers/net/tun.c:3460 1 lock held by syz-executor.3/22121: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.5/22123: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.0/22132: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.2/22133: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.4/22135: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.1/22142: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.3/22150: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.5/22155: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.4/22161: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.0/22164: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.2/22166: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.1/22168: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 1 lock held by syz-executor.3/22171: #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:75 [inline] #0: ffffffff8e0e1568 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x3e9/0xca0 net/core/rtnetlink.c:6138 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 nmi_cpu_backtrace.cold+0x24/0x18a lib/nmi_backtrace.c:111 nmi_trigger_cpumask_backtrace+0x333/0x3c0 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:220 [inline] watchdog+0xc75/0xfc0 kernel/hung_task.c:377 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK> Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 6582 Comm: kworker/u4:19 Not tainted 6.1.0-rc5-next-20221116-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Workqueue: phy4 ieee80211_iface_work RIP: 0010:stack_trace_consume_entry+0xbb/0x160 kernel/stacktrace.c:93 Code: 00 00 8b 43 0c 85 c0 75 53 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 80 3c 02 00 0f 85 92 00 00 00 8d 45 01 89 43 10 <48> 8b 03 48 8d 2c e8 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 RSP: 0018:ffffc9000364f518 EFLAGS: 00000246 RAX: 0000000000000006 RBX: ffffc9000364f5f0 RCX: 0000000000000000 RDX: 1ffff920006c9ebe RSI: ffffffff81ce11ef RDI: ffffc9000364f5fc RBP: 0000000000000005 R08: ffffffff8f046630 R09: ffffc9000364f56c R10: fffff520006c9eb2 R11: ffffc9000364f908 R12: ffffc9000364f5f0 R13: 0000000000000000 R14: ffff888031633a80 R15: ffffea00008a2400 FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000c00d1b5000 CR3: 000000001db93000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> arch_stack_walk+0x71/0xf0 arch/x86/kernel/stacktrace.c:27 stack_trace_save+0x90/0xc0 kernel/stacktrace.c:122 kasan_save_stack+0x22/0x40 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2e/0x40 mm/kasan/generic.c:518 ____kasan_slab_free mm/kasan/common.c:241 [inline] ____kasan_slab_free+0x160/0x1c0 mm/kasan/common.c:205 kasan_slab_free include/linux/kasan.h:178 [inline] slab_free_hook mm/slub.c:1763 [inline] slab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1789 slab_free mm/slub.c:3696 [inline] __kmem_cache_free+0xaf/0x3b0 mm/slub.c:3709 ieee80211_bss_info_update+0x4a2/0xaf0 net/mac80211/scan.c:223 ieee80211_rx_bss_info net/mac80211/ibss.c:1120 [inline] ieee80211_rx_mgmt_probe_beacon net/mac80211/ibss.c:1609 [inline] ieee80211_ibss_rx_queued_mgmt+0x19fc/0x3160 net/mac80211/ibss.c:1638 ieee80211_iface_process_skb net/mac80211/iface.c:1581 [inline] ieee80211_iface_work+0xa4b/0xd30 net/mac80211/iface.c:1635 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 </TASK>

Crashes (2):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2022/11/22 21:24	linux-next	15f3bff12cf6	9da37ae8	.config	console log	report			info		ci-upstream-linux-next-kasan-gce-root	INFO: task hung in sit_exit_batch_net
2022/11/15 20:05	linux-next	5c92ddca1053	97de9cfc	.config	console log	report			info		ci-upstream-linux-next-kasan-gce-root	INFO: task hung in sit_exit_batch_net

Crashes (2):

Assets (help?)