[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Starting Load/Save RF Kill Switch Status... [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.202' (ECDSA) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program syzkaller login: [ 483.350492][ T8519] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 715.809467][ T1654] INFO: task kworker/1:1:8487 blocked for more than 143 seconds. [ 715.817789][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 715.825029][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 715.834566][ T1654] task:kworker/1:1 state:D stack:29608 pid: 8487 ppid: 2 flags:0x00004000 [ 715.844835][ T1654] Workqueue: events linkwatch_event [ 715.851244][ T1654] Call Trace: [ 715.854542][ T1654] __schedule+0x90c/0x21a0 [ 715.858994][ T1654] ? io_schedule_timeout+0x140/0x140 [ 715.865995][ T1654] ? _raw_spin_unlock_irq+0x1f/0x40 [ 715.872176][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 715.877466][ T1654] schedule+0xcf/0x270 [ 715.882771][ T1654] schedule_preempt_disabled+0xf/0x20 [ 715.888186][ T1654] __mutex_lock+0x81a/0x1110 [ 715.894193][ T1654] ? linkwatch_event+0xb/0x60 [ 715.899003][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 715.905558][ T1654] ? lock_release+0x710/0x710 [ 715.911324][ T1654] linkwatch_event+0xb/0x60 [ 715.915861][ T1654] process_one_work+0x98d/0x15f0 [ 715.921932][ T1654] ? pwq_dec_nr_in_flight+0x320/0x320 [ 715.927345][ T1654] ? rwlock_bug.part.0+0x90/0x90 [ 715.934379][ T1654] ? _raw_spin_lock_irq+0x41/0x50 [ 715.940296][ T1654] worker_thread+0x64c/0x1120 [ 715.945019][ T1654] ? __kthread_parkme+0x13f/0x1e0 [ 715.951362][ T1654] ? process_one_work+0x15f0/0x15f0 [ 715.956588][ T1654] kthread+0x3b1/0x4a0 [ 715.961806][ T1654] ? __kthread_bind_mask+0xc0/0xc0 [ 715.966964][ T1654] ret_from_fork+0x1f/0x30 [ 715.972614][ T1654] INFO: task syz-executor200:8508 blocked for more than 143 seconds. [ 715.981558][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 715.987467][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 715.998048][ T1654] task:syz-executor200 state:D stack:26928 pid: 8508 ppid: 8500 flags:0x00004004 [ 716.007952][ T1654] Call Trace: [ 716.012013][ T1654] __schedule+0x90c/0x21a0 [ 716.016626][ T1654] ? io_schedule_timeout+0x140/0x140 [ 716.023001][ T1654] ? rwlock_bug.part.0+0x90/0x90 [ 716.027966][ T1654] schedule+0xcf/0x270 [ 716.033028][ T1654] schedule_preempt_disabled+0xf/0x20 [ 716.038505][ T1654] __mutex_lock+0x81a/0x1110 [ 716.044131][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 716.049870][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 716.055266][ T1654] ? __nla_parse+0x3d/0x50 [ 716.061601][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.068379][ T1654] nl80211_pre_doit+0x34f/0x630 [ 716.074200][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.081750][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 716.087316][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 716.095728][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.102980][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.110216][ T1654] ? ns_capable+0xde/0x100 [ 716.114670][ T1654] genl_rcv_msg+0x328/0x580 [ 716.120403][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.125209][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 716.132335][ T1654] ? lock_release+0x710/0x710 [ 716.137112][ T1654] netlink_rcv_skb+0x153/0x420 [ 716.143153][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.148068][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 716.154045][ T1654] genl_rcv+0x24/0x40 [ 716.158052][ T1654] netlink_unicast+0x533/0x7d0 [ 716.164096][ T1654] ? netlink_attachskb+0x870/0x870 [ 716.169225][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 716.175608][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 716.182519][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 716.187557][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 716.195058][ T1654] ? __check_object_size+0x171/0x3f0 [ 716.200993][ T1654] netlink_sendmsg+0x856/0xd90 [ 716.205778][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.211815][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.218336][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.224159][ T1654] sock_sendmsg+0xcf/0x120 [ 716.228591][ T1654] __sys_sendto+0x21c/0x320 [ 716.233948][ T1654] ? __ia32_sys_getpeername+0xb0/0xb0 [ 716.239942][ T1654] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 716.245764][ T1654] ? debug_object_active_state+0x260/0x350 [ 716.252485][ T1654] ? blkcg_maybe_throttle_current+0x64d/0xd80 [ 716.258574][ T1654] ? __blkcg_punt_bio_submit+0x1d0/0x1d0 [ 716.265220][ T1654] __x64_sys_sendto+0xdd/0x1b0 [ 716.270569][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 716.275785][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 716.282583][ T1654] do_syscall_64+0x2d/0x70 [ 716.287048][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 716.293827][ T1654] RIP: 0033:0x406767 [ 716.297732][ T1654] RSP: 002b:00007f20b5310c50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 716.307278][ T1654] RAX: ffffffffffffffda RBX: 00007f20b5310d10 RCX: 0000000000406767 [ 716.316124][ T1654] RDX: 0000000000000024 RSI: 00007f20b5310d60 RDI: 0000000000000009 [ 716.325922][ T1654] RBP: 0000000000000000 R08: 00007f20b5310c60 R09: 000000000000000c [ 716.334620][ T1654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 716.343200][ T1654] R13: 0000000000000000 R14: 00007f20b5310d60 R15: 0000000000000009 [ 716.351958][ T1654] INFO: task syz-executor200:8511 blocked for more than 143 seconds. [ 716.361258][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 716.367178][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 716.376931][ T1654] task:syz-executor200 state:D stack:27360 pid: 8511 ppid: 8499 flags:0x00000004 [ 716.387003][ T1654] Call Trace: [ 716.390987][ T1654] __schedule+0x90c/0x21a0 [ 716.395613][ T1654] ? io_schedule_timeout+0x140/0x140 [ 716.402151][ T1654] schedule+0xcf/0x270 [ 716.406239][ T1654] schedule_preempt_disabled+0xf/0x20 [ 716.412701][ T1654] __mutex_lock+0x81a/0x1110 [ 716.417475][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 716.423457][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 716.428874][ T1654] ? __nla_parse+0x3d/0x50 [ 716.434192][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.442091][ T1654] nl80211_pre_doit+0x34f/0x630 [ 716.446973][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.455687][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 716.462044][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 716.470213][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.476496][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.483981][ T1654] ? ns_capable+0xde/0x100 [ 716.488510][ T1654] genl_rcv_msg+0x328/0x580 [ 716.493954][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.498648][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 716.504928][ T1654] ? lock_release+0x710/0x710 [ 716.510189][ T1654] netlink_rcv_skb+0x153/0x420 [ 716.514968][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.520572][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 716.525224][ T1654] genl_rcv+0x24/0x40 [ 716.530348][ T1654] netlink_unicast+0x533/0x7d0 [ 716.535141][ T1654] ? netlink_attachskb+0x870/0x870 [ 716.541189][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 716.546585][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 716.553812][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 716.558943][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 716.565778][ T1654] ? __check_object_size+0x171/0x3f0 [ 716.571739][ T1654] netlink_sendmsg+0x856/0xd90 [ 716.576526][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.583444][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.590779][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.595765][ T1654] sock_sendmsg+0xcf/0x120 [ 716.601049][ T1654] __sys_sendto+0x21c/0x320 [ 716.605568][ T1654] ? __ia32_sys_getpeername+0xb0/0xb0 [ 716.612116][ T1654] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 716.618374][ T1654] ? debug_object_active_state+0x260/0x350 [ 716.625390][ T1654] ? blkcg_maybe_throttle_current+0x64d/0xd80 [ 716.632126][ T1654] ? __blkcg_punt_bio_submit+0x1d0/0x1d0 [ 716.637807][ T1654] __x64_sys_sendto+0xdd/0x1b0 [ 716.643461][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 716.648672][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 716.655672][ T1654] do_syscall_64+0x2d/0x70 [ 716.660954][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 716.666967][ T1654] RIP: 0033:0x406767 [ 716.671854][ T1654] RSP: 002b:00007f20b5310c50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 716.681135][ T1654] RAX: ffffffffffffffda RBX: 00007f20b5310d10 RCX: 0000000000406767 [ 716.689227][ T1654] RDX: 0000000000000024 RSI: 00007f20b5310d60 RDI: 0000000000000009 [ 716.698804][ T1654] RBP: 0000000000000000 R08: 00007f20b5310c60 R09: 000000000000000c [ 716.707690][ T1654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 716.717334][ T1654] R13: 0000000000000000 R14: 00007f20b5310d60 R15: 0000000000000009 [ 716.726277][ T1654] INFO: task syz-executor200:8529 blocked for more than 144 seconds. [ 716.735172][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 716.741782][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 716.751121][ T1654] task:syz-executor200 state:D stack:27360 pid: 8529 ppid: 8499 flags:0x00004004 [ 716.761253][ T1654] Call Trace: [ 716.764552][ T1654] __schedule+0x90c/0x21a0 [ 716.769158][ T1654] ? io_schedule_timeout+0x140/0x140 [ 716.775878][ T1654] schedule+0xcf/0x270 [ 716.780722][ T1654] schedule_preempt_disabled+0xf/0x20 [ 716.786109][ T1654] __mutex_lock+0x81a/0x1110 [ 716.791866][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 716.796940][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 716.803356][ T1654] ? __nla_parse+0x3d/0x50 [ 716.807807][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.815560][ T1654] nl80211_pre_doit+0x34f/0x630 [ 716.821067][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 716.827930][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 716.834764][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 716.843957][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.851215][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.857742][ T1654] ? ns_capable+0xde/0x100 [ 716.863288][ T1654] genl_rcv_msg+0x328/0x580 [ 716.867919][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.873715][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 716.879208][ T1654] ? lock_release+0x710/0x710 [ 716.885317][ T1654] netlink_rcv_skb+0x153/0x420 [ 716.890756][ T1654] ? genl_get_cmd+0x480/0x480 [ 716.895538][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 716.901159][ T1654] genl_rcv+0x24/0x40 [ 716.905158][ T1654] netlink_unicast+0x533/0x7d0 [ 716.910898][ T1654] ? netlink_attachskb+0x870/0x870 [ 716.916054][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 716.922362][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 716.928632][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 716.934628][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 716.940953][ T1654] ? __check_object_size+0x171/0x3f0 [ 716.946264][ T1654] netlink_sendmsg+0x856/0xd90 [ 716.952094][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.957087][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 716.964552][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 716.971466][ T1654] sock_sendmsg+0xcf/0x120 [ 716.976057][ T1654] ____sys_sendmsg+0x6e8/0x810 [ 716.982077][ T1654] ? kernel_sendmsg+0x50/0x50 [ 716.987319][ T1654] ? do_recvmmsg+0x6c0/0x6c0 [ 716.993119][ T1654] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 716.999176][ T1654] ? lock_chain_count+0x20/0x20 [ 717.005499][ T1654] ___sys_sendmsg+0xf3/0x170 [ 717.010928][ T1654] ? sendmsg_copy_msghdr+0x160/0x160 [ 717.016287][ T1654] ? __fget_files+0x266/0x3d0 [ 717.022245][ T1654] ? lock_downgrade+0x6d0/0x6d0 [ 717.027391][ T1654] ? __fget_files+0x288/0x3d0 [ 717.033201][ T1654] ? __fget_light+0xea/0x280 [ 717.037931][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 717.045359][ T1654] __sys_sendmsg+0xe5/0x1b0 [ 717.051436][ T1654] ? __sys_sendmsg_sock+0xb0/0xb0 [ 717.056508][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.063666][ T1654] do_syscall_64+0x2d/0x70 [ 717.068120][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 717.075206][ T1654] RIP: 0033:0x447ba9 [ 717.079121][ T1654] RSP: 002b:00007f20b52cfd98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 717.088971][ T1654] RAX: ffffffffffffffda RBX: 00000000006dcca8 RCX: 0000000000447ba9 [ 717.097833][ T1654] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000008 [ 717.107593][ T1654] RBP: 00000000006dcca0 R08: 0000000000000005 R09: 0000000000000000 [ 717.116315][ T1654] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dccac [ 717.125144][ T1654] R13: 0000000000000000 R14: 000000306e616c77 R15: ffffffff00000000 [ 717.134041][ T1654] INFO: task syz-executor200:8509 blocked for more than 144 seconds. [ 717.143864][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 717.150721][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 717.160268][ T1654] task:syz-executor200 state:D stack:26456 pid: 8509 ppid: 8498 flags:0x00000004 [ 717.170434][ T1654] Call Trace: [ 717.173746][ T1654] __schedule+0x90c/0x21a0 [ 717.178185][ T1654] ? io_schedule_timeout+0x140/0x140 [ 717.184904][ T1654] schedule+0xcf/0x270 [ 717.189015][ T1654] schedule_preempt_disabled+0xf/0x20 [ 717.195755][ T1654] __mutex_lock+0x81a/0x1110 [ 717.201242][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 717.206486][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 717.213540][ T1654] ? __nla_parse+0x3d/0x50 [ 717.217984][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.225913][ T1654] nl80211_pre_doit+0x34f/0x630 [ 717.232307][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.239084][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 717.245568][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 717.253812][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.260930][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.267404][ T1654] ? ns_capable+0xde/0x100 [ 717.272851][ T1654] genl_rcv_msg+0x328/0x580 [ 717.277373][ T1654] ? genl_get_cmd+0x480/0x480 [ 717.283464][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 717.288868][ T1654] ? lock_release+0x710/0x710 [ 717.294570][ T1654] netlink_rcv_skb+0x153/0x420 [ 717.300023][ T1654] ? genl_get_cmd+0x480/0x480 [ 717.304721][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 717.310572][ T1654] genl_rcv+0x24/0x40 [ 717.314681][ T1654] netlink_unicast+0x533/0x7d0 [ 717.320563][ T1654] ? netlink_attachskb+0x870/0x870 [ 717.325872][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 717.332513][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 717.338831][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 717.345029][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 717.351532][ T1654] ? __check_object_size+0x171/0x3f0 [ 717.357372][ T1654] netlink_sendmsg+0x856/0xd90 [ 717.364459][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 717.370897][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.378841][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 717.385186][ T1654] sock_sendmsg+0xcf/0x120 [ 717.390343][ T1654] __sys_sendto+0x21c/0x320 [ 717.394861][ T1654] ? __ia32_sys_getpeername+0xb0/0xb0 [ 717.401465][ T1654] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 717.407309][ T1654] ? debug_object_active_state+0x260/0x350 [ 717.414118][ T1654] ? blkcg_maybe_throttle_current+0x64d/0xd80 [ 717.420982][ T1654] ? __blkcg_punt_bio_submit+0x1d0/0x1d0 [ 717.426658][ T1654] __x64_sys_sendto+0xdd/0x1b0 [ 717.432386][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 717.437618][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.444769][ T1654] do_syscall_64+0x2d/0x70 [ 717.449211][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 717.456054][ T1654] RIP: 0033:0x406767 [ 717.460633][ T1654] RSP: 002b:00007f20b5310c50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 717.469152][ T1654] RAX: ffffffffffffffda RBX: 00007f20b5310d10 RCX: 0000000000406767 [ 717.478595][ T1654] RDX: 0000000000000024 RSI: 00007f20b5310d60 RDI: 0000000000000008 [ 717.487394][ T1654] RBP: 0000000000000000 R08: 00007f20b5310c60 R09: 000000000000000c [ 717.497171][ T1654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 717.506007][ T1654] R13: 0000000000000000 R14: 00007f20b5310d60 R15: 0000000000000008 [ 717.514966][ T1654] INFO: task syz-executor200:8510 blocked for more than 145 seconds. [ 717.525120][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 717.531661][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 717.541089][ T1654] task:syz-executor200 state:D stack:26432 pid: 8510 ppid: 8496 flags:0x00000004 [ 717.551113][ T1654] Call Trace: [ 717.554451][ T1654] __schedule+0x90c/0x21a0 [ 717.558885][ T1654] ? io_schedule_timeout+0x140/0x140 [ 717.565667][ T1654] schedule+0xcf/0x270 [ 717.570507][ T1654] schedule_preempt_disabled+0xf/0x20 [ 717.575929][ T1654] __mutex_lock+0x81a/0x1110 [ 717.581609][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 717.586656][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 717.593008][ T1654] ? __nla_parse+0x3d/0x50 [ 717.597468][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.605241][ T1654] nl80211_pre_doit+0x34f/0x630 [ 717.610726][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.617536][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 717.625033][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 717.633295][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.640209][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.646471][ T1654] ? ns_capable+0xde/0x100 [ 717.651946][ T1654] genl_rcv_msg+0x328/0x580 [ 717.656474][ T1654] ? genl_get_cmd+0x480/0x480 [ 717.662152][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 717.667547][ T1654] ? lock_release+0x710/0x710 [ 717.673393][ T1654] netlink_rcv_skb+0x153/0x420 [ 717.678186][ T1654] ? genl_get_cmd+0x480/0x480 [ 717.683865][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 717.688486][ T1654] genl_rcv+0x24/0x40 [ 717.693375][ T1654] netlink_unicast+0x533/0x7d0 [ 717.698168][ T1654] ? netlink_attachskb+0x870/0x870 [ 717.704316][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 717.710303][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 717.716587][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 717.722763][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 717.728514][ T1654] ? __check_object_size+0x171/0x3f0 [ 717.735382][ T1654] netlink_sendmsg+0x856/0xd90 [ 717.740891][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 717.745875][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 717.754314][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 717.760118][ T1654] sock_sendmsg+0xcf/0x120 [ 717.764828][ T1654] __sys_sendto+0x21c/0x320 [ 717.770505][ T1654] ? __ia32_sys_getpeername+0xb0/0xb0 [ 717.775908][ T1654] ? _raw_spin_unlock_irqrestore+0x2f/0x50 [ 717.782911][ T1654] ? debug_object_active_state+0x260/0x350 [ 717.788793][ T1654] ? blkcg_maybe_throttle_current+0x64d/0xd80 [ 717.796032][ T1654] ? __blkcg_punt_bio_submit+0x1d0/0x1d0 [ 717.802504][ T1654] __x64_sys_sendto+0xdd/0x1b0 [ 717.807291][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 717.813522][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.820045][ T1654] do_syscall_64+0x2d/0x70 [ 717.824535][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 717.831440][ T1654] RIP: 0033:0x406767 [ 717.835345][ T1654] RSP: 002b:00007f20b5310c50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 717.845106][ T1654] RAX: ffffffffffffffda RBX: 00007f20b5310d10 RCX: 0000000000406767 [ 717.854020][ T1654] RDX: 0000000000000024 RSI: 00007f20b5310d60 RDI: 0000000000000009 [ 717.862756][ T1654] RBP: 0000000000000000 R08: 00007f20b5310c60 R09: 000000000000000c [ 717.871522][ T1654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 717.881105][ T1654] R13: 0000000000000000 R14: 00007f20b5310d60 R15: 0000000000000009 [ 717.889142][ T1654] INFO: task syz-executor200:8526 blocked for more than 145 seconds. [ 717.899051][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 717.905577][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 717.915146][ T1654] task:syz-executor200 state:D stack:27360 pid: 8526 ppid: 8496 flags:0x00004004 [ 717.925049][ T1654] Call Trace: [ 717.928342][ T1654] __schedule+0x90c/0x21a0 [ 717.933997][ T1654] ? io_schedule_timeout+0x140/0x140 [ 717.940058][ T1654] schedule+0xcf/0x270 [ 717.944145][ T1654] schedule_preempt_disabled+0xf/0x20 [ 717.950566][ T1654] __mutex_lock+0x81a/0x1110 [ 717.955176][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 717.961722][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 717.967244][ T1654] ? __nla_parse+0x3d/0x50 [ 717.972736][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.980432][ T1654] nl80211_pre_doit+0x34f/0x630 [ 717.985298][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 717.993028][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 717.998596][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 718.007134][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.015150][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.022915][ T1654] ? ns_capable+0xde/0x100 [ 718.027418][ T1654] genl_rcv_msg+0x328/0x580 [ 718.032923][ T1654] ? genl_get_cmd+0x480/0x480 [ 718.037644][ T1654] ? nl80211_notify_iface+0x180/0x180 [ 718.044007][ T1654] ? lock_release+0x710/0x710 [ 718.048708][ T1654] netlink_rcv_skb+0x153/0x420 [ 718.054552][ T1654] ? genl_get_cmd+0x480/0x480 [ 718.059825][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 718.064471][ T1654] genl_rcv+0x24/0x40 [ 718.068628][ T1654] netlink_unicast+0x533/0x7d0 [ 718.074556][ T1654] ? netlink_attachskb+0x870/0x870 [ 718.080349][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 718.085743][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 718.092887][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 718.097946][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 718.104581][ T1654] ? __check_object_size+0x171/0x3f0 [ 718.110466][ T1654] netlink_sendmsg+0x856/0xd90 [ 718.115252][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 718.121296][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.127561][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 718.133440][ T1654] sock_sendmsg+0xcf/0x120 [ 718.137899][ T1654] ____sys_sendmsg+0x6e8/0x810 [ 718.144579][ T1654] ? kernel_sendmsg+0x50/0x50 [ 718.149944][ T1654] ? do_recvmmsg+0x6c0/0x6c0 [ 718.154553][ T1654] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 718.161518][ T1654] ___sys_sendmsg+0xf3/0x170 [ 718.166150][ T1654] ? sendmsg_copy_msghdr+0x160/0x160 [ 718.172798][ T1654] ? __fget_files+0x266/0x3d0 [ 718.177516][ T1654] ? lock_downgrade+0x6d0/0x6d0 [ 718.183336][ T1654] ? __fget_files+0x288/0x3d0 [ 718.188119][ T1654] ? __fget_light+0xea/0x280 [ 718.193762][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 718.200715][ T1654] __sys_sendmsg+0xe5/0x1b0 [ 718.205237][ T1654] ? __sys_sendmsg_sock+0xb0/0xb0 [ 718.211250][ T1654] ? __do_sys_futex+0x2a2/0x470 [ 718.216127][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.222895][ T1654] do_syscall_64+0x2d/0x70 [ 718.227353][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 718.234330][ T1654] RIP: 0033:0x447ba9 [ 718.238258][ T1654] RSP: 002b:00007f20b52f0d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 718.247625][ T1654] RAX: ffffffffffffffda RBX: 00000000006dcc98 RCX: 0000000000447ba9 [ 718.256519][ T1654] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000008 [ 718.265291][ T1654] RBP: 00000000006dcc90 R08: 0000000000000005 R09: 0000000000000000 [ 718.274816][ T1654] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dcc9c [ 718.283869][ T1654] R13: 0000000000000000 R14: 000000306e616c77 R15: ffffffff00000000 [ 718.292672][ T1654] INFO: task kworker/0:1:8519 blocked for more than 145 seconds. [ 718.302009][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 718.307908][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 718.317629][ T1654] task:kworker/0:1 state:D stack:26880 pid: 8519 ppid: 2 flags:0x00004000 [ 718.327625][ T1654] Workqueue: ipv6_addrconf addrconf_dad_work [ 718.334269][ T1654] Call Trace: [ 718.337563][ T1654] __schedule+0x90c/0x21a0 [ 718.343045][ T1654] ? io_schedule_timeout+0x140/0x140 [ 718.348344][ T1654] ? mark_lock+0xf7/0x1720 [ 718.353688][ T1654] ? _raw_spin_unlock_irq+0x25/0x40 [ 718.358923][ T1654] schedule+0xcf/0x270 [ 718.363974][ T1654] schedule_preempt_disabled+0xf/0x20 [ 718.370388][ T1654] __mutex_lock+0x81a/0x1110 [ 718.375126][ T1654] ? addrconf_dad_work+0xa3/0x1280 [ 718.381193][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 718.386581][ T1654] ? lockdep_hardirqs_on+0x79/0x100 [ 718.393293][ T1654] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 718.401052][ T1654] addrconf_dad_work+0xa3/0x1280 [ 718.406624][ T1654] ? do_raw_spin_lock+0x120/0x2b0 [ 718.412854][ T1654] ? addrconf_dad_completed+0xc60/0xc60 [ 718.418942][ T1654] process_one_work+0x98d/0x15f0 [ 718.425096][ T1654] ? pwq_dec_nr_in_flight+0x320/0x320 [ 718.431318][ T1654] ? rwlock_bug.part.0+0x90/0x90 [ 718.436463][ T1654] ? _raw_spin_lock_irq+0x41/0x50 [ 718.442709][ T1654] worker_thread+0x64c/0x1120 [ 718.447425][ T1654] ? __kthread_parkme+0x13f/0x1e0 [ 718.453783][ T1654] ? process_one_work+0x15f0/0x15f0 [ 718.459029][ T1654] kthread+0x3b1/0x4a0 [ 718.464183][ T1654] ? __kthread_bind_mask+0xc0/0xc0 [ 718.470161][ T1654] ret_from_fork+0x1f/0x30 [ 718.474676][ T1654] INFO: task systemd-udevd:8520 blocked for more than 146 seconds. [ 718.484499][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 718.491083][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 718.500346][ T1654] task:systemd-udevd state:D stack:28168 pid: 8520 ppid: 4893 flags:0x00004004 [ 718.510255][ T1654] Call Trace: [ 718.513566][ T1654] __schedule+0x90c/0x21a0 [ 718.517999][ T1654] ? io_schedule_timeout+0x140/0x140 [ 718.524584][ T1654] schedule+0xcf/0x270 [ 718.528672][ T1654] schedule_preempt_disabled+0xf/0x20 [ 718.535861][ T1654] __mutex_lock+0x81a/0x1110 [ 718.541068][ T1654] ? dev_ioctl+0x41c/0xc40 [ 718.545538][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 718.551878][ T1654] ? dev_load+0xab/0x200 [ 718.556294][ T1654] ? lock_downgrade+0x6d0/0x6d0 [ 718.562263][ T1654] ? lock_downgrade+0x6d0/0x6d0 [ 718.567155][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.574461][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.581364][ T1654] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 718.587372][ T1654] dev_ioctl+0x41c/0xc40 [ 718.592461][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 718.598730][ T1654] sock_do_ioctl+0x148/0x2d0 [ 718.604596][ T1654] ? compat_ifr_data_ioctl+0x150/0x150 [ 718.610685][ T1654] ? __sanitizer_cov_trace_switch+0x63/0xf0 [ 718.616623][ T1654] ? generic_block_fiemap+0x60/0x60 [ 718.622751][ T1654] ? __up_read+0x1a1/0x7b0 [ 718.627185][ T1654] sock_ioctl+0x477/0x6a0 [ 718.632400][ T1654] ? vlan_ioctl_set+0x30/0x30 [ 718.637133][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.644280][ T1654] ? vlan_ioctl_set+0x30/0x30 [ 718.648997][ T1654] __x64_sys_ioctl+0x193/0x200 [ 718.654644][ T1654] do_syscall_64+0x2d/0x70 [ 718.659079][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 718.666809][ T1654] RIP: 0033:0x7fa6ca40d017 [ 718.672101][ T1654] RSP: 002b:00007ffd723fc058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 718.682441][ T1654] RAX: ffffffffffffffda RBX: 00007ffd723fc0b0 RCX: 00007fa6ca40d017 [ 718.691068][ T1654] RDX: 00007ffd723fc0b0 RSI: 0000000000008946 RDI: 0000000000000007 [ 718.700150][ T1654] RBP: 00007ffd723fc110 R08: 0000000000000007 R09: 00007fa6ca45a160 [ 718.708157][ T1654] R10: 00007fa6ca477a40 R11: 0000000000000246 R12: 000056253027b5a0 [ 718.717179][ T1654] R13: 000056253026ced0 R14: 00000000ffffffff R15: 0000000000000000 [ 718.725834][ T1654] INFO: task syz-executor200:8532 blocked for more than 146 seconds. [ 718.735395][ T1654] Not tainted 5.11.0-rc4-syzkaller #0 [ 718.741932][ T1654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 718.751285][ T1654] task:syz-executor200 state:D stack:27360 pid: 8532 ppid: 8501 flags:0x00000004 [ 718.761282][ T1654] Call Trace: [ 718.764772][ T1654] __schedule+0x90c/0x21a0 [ 718.769225][ T1654] ? io_schedule_timeout+0x140/0x140 [ 718.775757][ T1654] schedule+0xcf/0x270 [ 718.780422][ T1654] schedule_preempt_disabled+0xf/0x20 [ 718.785806][ T1654] __mutex_lock+0x81a/0x1110 [ 718.792660][ T1654] ? nl80211_pre_doit+0x34f/0x630 [ 718.797729][ T1654] ? mutex_lock_io_nested+0xf60/0xf60 [ 718.804071][ T1654] ? __nla_parse+0x3d/0x50 [ 718.808536][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 718.816448][ T1654] nl80211_pre_doit+0x34f/0x630 [ 718.821901][ T1654] ? nl80211_dump_wiphy_parse.constprop.0+0x580/0x580 [ 718.828762][ T1654] genl_family_rcv_msg_doit+0x1ee/0x320 [ 718.836022][ T1654] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 718.844165][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.851082][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.857518][ T1654] ? ns_capable+0xde/0x100 [ 718.862861][ T1654] genl_rcv_msg+0x328/0x580 [ 718.867381][ T1654] ? genl_get_cmd+0x480/0x480 [ 718.872955][ T1654] ? nl80211_join_ibss+0x12b0/0x12b0 [ 718.878366][ T1654] ? lock_release+0x710/0x710 [ 718.883947][ T1654] netlink_rcv_skb+0x153/0x420 [ 718.888724][ T1654] ? genl_get_cmd+0x480/0x480 [ 718.894445][ T1654] ? netlink_ack+0xaa0/0xaa0 [ 718.899089][ T1654] genl_rcv+0x24/0x40 [ 718.903950][ T1654] netlink_unicast+0x533/0x7d0 [ 718.908828][ T1654] ? netlink_attachskb+0x870/0x870 [ 718.914872][ T1654] ? _copy_from_iter_full+0x275/0x850 [ 718.921868][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 718.928388][ T1654] ? __phys_addr_symbol+0x2c/0x70 [ 718.934315][ T1654] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 718.940650][ T1654] ? __check_object_size+0x171/0x3f0 [ 718.945959][ T1654] netlink_sendmsg+0x856/0xd90 [ 718.951902][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 718.956970][ T1654] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 718.964201][ T1654] ? netlink_unicast+0x7d0/0x7d0 [ 718.969155][ T1654] sock_sendmsg+0xcf/0x120 [ 718.974480][ T1654] ____sys_sendmsg+0x6e8/0x810 [ 718.979374][ T1654] ? kernel_sendmsg+0x50/0x50 [ 718.984230][ T1654] ? do_recvmmsg+0x6c0/0x6c0 [ 718.988838][ T1654] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 718.994973][ T1654] ___sys_sendmsg+0xf3/0x170 [ 718.999807][ T1654] ? sendmsg_copy_msghdr+0x160/0x160 [ 719.005110][ T1654] ? __fget_files+0x266/0x3d0 [ 719.009900][ T1654] ? lock_downgrade+0x6d0/0x6d0 [ 719.014913][ T1654] ? __fget_files+0x288/0x3d0 [ 719.019704][ T1654] ? __fget_light+0xea/0x280 [ 719.025245][ T1654] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 719.031600][ T1654] __sys_sendmsg+0xe5/0x1b0 [ 719.036360][ T1654] ? __sys_sendmsg_sock+0xb0/0xb0 [ 719.041564][ T1654] ? __do_sys_futex+0x2a2/0x470 [ 719.046588][ T1654] ? syscall_enter_from_user_mode+0x1d/0x50 [ 719.054137][ T1654] do_syscall_64+0x2d/0x70 [ 719.058922][ T1654] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 719.064905][ T1654] RIP: 0033:0x447ba9 [ 719.069115][ T1654] RSP: 002b:00007f20b5311d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 719.077796][ T1654] RAX: ffffffffffffffda RBX: 00000000006dcc88 RCX: 0000000000447ba9 [ 719.086067][ T1654] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 719.094131][ T1654] RBP: 00000000006dcc80 R08: 000000000000000d R09: 0000000000000000 [ 719.102737][ T1654] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dcc8c [ 719.110898][ T1654] R13: 0000000000000000 R14: 000000306e616c77 R15: ffffffff00000000 [ 719.119092][ T1654] [ 719.119092][ T1654] Showing all locks held in the system: [ 719.128016][ T1654] 1 lock held by khungtaskd/1654: [ 719.133814][ T1654] #0: ffffffff8b373ce0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 719.143943][ T1654] 1 lock held by in:imklog/8183: [ 719.148883][ T1654] #0: ffff888011226ff0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 [ 719.158301][ T1654] 3 locks held by kworker/1:1/8487: [ 719.163899][ T1654] #0: ffff888010062d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 [ 719.174776][ T1654] #1: ffffc90001b47da8 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 [ 719.186555][ T1654] #2: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xb/0x60 [ 719.195610][ T1654] 2 locks held by syz-executor200/8508: [ 719.201448][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.209826][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.219403][ T1654] 2 locks held by syz-executor200/8511: [ 719.225087][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.233478][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.243150][ T1654] 2 locks held by syz-executor200/8529: [ 719.248842][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.257149][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.266701][ T1654] 2 locks held by syz-executor200/8509: [ 719.272439][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.280815][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.290358][ T1654] 3 locks held by syz-executor200/8524: [ 719.296048][ T1654] 2 locks held by syz-executor200/8510: [ 719.301665][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.311428][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.320842][ T1654] 2 locks held by syz-executor200/8526: [ 719.326530][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.335163][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.344731][ T1654] 3 locks held by kworker/0:1/8519: [ 719.350120][ T1654] #0: ffff888147824d38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 [ 719.361221][ T1654] #1: ffffc90001b27da8 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 [ 719.374259][ T1654] #2: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xa3/0x1280 [ 719.383962][ T1654] 1 lock held by systemd-udevd/8520: [ 719.389632][ T1654] #0: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x41c/0xc40 [ 719.398561][ T1654] 2 locks held by syz-executor200/8532: [ 719.404830][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.413466][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.422981][ T1654] 2 locks held by syz-executor200/8538: [ 719.428788][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.437380][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.448110][ T1654] 2 locks held by syz-executor200/8541: [ 719.454173][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.462970][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.472602][ T1654] 2 locks held by syz-executor200/8544: [ 719.478901][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.487235][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.496842][ T1654] 2 locks held by syz-executor200/8548: [ 719.502764][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.511489][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.521272][ T1654] 2 locks held by syz-executor200/8549: [ 719.526828][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.535161][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.545324][ T1654] 2 locks held by syz-executor200/8550: [ 719.550961][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.559559][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.568999][ T1654] 2 locks held by syz-executor200/8552: [ 719.575611][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.584045][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.594159][ T1654] 2 locks held by syz-executor200/8533: [ 719.599805][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.608225][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.617947][ T1654] 2 locks held by syz-executor200/8539: [ 719.623876][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.632184][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.641928][ T1654] 2 locks held by syz-executor200/8542: [ 719.647733][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.656045][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.665762][ T1654] 2 locks held by syz-executor200/8543: [ 719.671569][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.680084][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.689915][ T1654] 2 locks held by syz-executor200/8545: [ 719.695479][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.704795][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.714281][ T1654] 2 locks held by syz-executor200/8546: [ 719.720125][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.728404][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.738200][ T1654] 2 locks held by syz-executor200/8547: [ 719.743958][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.752697][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.762205][ T1654] 2 locks held by syz-executor200/8551: [ 719.767977][ T1654] #0: ffffffff8cae83d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40 [ 719.776315][ T1654] #1: ffffffff8ca591e8 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x34f/0x630 [ 719.786011][ T1654] [ 719.788344][ T1654] ============================================= [ 719.788344][ T1654] [ 719.797456][ T1654] NMI backtrace for cpu 0 [ 719.801903][ T1654] CPU: 0 PID: 1654 Comm: khungtaskd Not tainted 5.11.0-rc4-syzkaller #0 [ 719.810378][ T1654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 719.820440][ T1654] Call Trace: [ 719.823749][ T1654] dump_stack+0x107/0x163 [ 719.828095][ T1654] nmi_cpu_backtrace.cold+0x44/0xd7 [ 719.833301][ T1654] ? lapic_can_unplug_cpu+0x80/0x80 [ 719.838509][ T1654] nmi_trigger_cpumask_backtrace+0x1b3/0x230 [ 719.844902][ T1654] watchdog+0xd43/0xfa0 [ 719.849084][ T1654] ? reset_hung_task_detector+0x30/0x30 [ 719.854644][ T1654] kthread+0x3b1/0x4a0 [ 719.858754][ T1654] ? __kthread_bind_mask+0xc0/0xc0 [ 719.863877][ T1654] ret_from_fork+0x1f/0x30 [ 719.868988][ T1654] Sending NMI from CPU 0 to CPUs 1: [ 719.875350][ C1] NMI backtrace for cpu 1 [ 719.875360][ C1] CPU: 1 PID: 8524 Comm: syz-executor200 Not tainted 5.11.0-rc4-syzkaller #0 [ 719.875369][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 719.875376][ C1] RIP: 0010:ieee80211_chanctx_radar_detect+0x2e2/0x420 [ 719.875390][ C1] Code: 00 00 00 44 89 f9 48 d3 e0 41 09 c4 e8 b7 25 17 f9 48 8d bb 58 09 00 00 48 89 f8 48 c1 e8 03 42 80 3c 30 00 0f 85 d4 00 00 00 <48> 8b 83 58 09 00 00 48 8d 98 a8 f6 ff ff 49 39 c5 0f 85 3f ff ff [ 719.875403][ C1] RSP: 0018:ffffc90001b572e0 EFLAGS: 00000246 [ 719.875414][ C1] RAX: 1ffff110035d8aa3 RBX: ffff88801aec4bc0 RCX: 0000000000000000 [ 719.875421][ C1] RDX: ffff888017008000 RSI: ffffffff885b9b39 RDI: ffff88801aec5518 [ 719.875428][ C1] RBP: 0000000000000000 R08: 0000000000000002 R09: 0000000000000000 [ 719.875435][ C1] R10: ffffffff885b9ada R11: 0000000000000000 R12: 0000000000000000 [ 719.875442][ C1] R13: ffff888011106320 R14: dffffc0000000000 R15: 0000000000000000 [ 719.875449][ C1] FS: 00007f20b52f1700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000 [ 719.875456][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 719.875462][ C1] CR2: 00007fb81243c000 CR3: 0000000017893000 CR4: 0000000000350ee0 [ 719.875467][ C1] Call Trace: [ 719.875471][ C1] ieee80211_check_combinations+0x3b9/0x890 [ 719.875476][ C1] ? ieee80211_recalc_dtim+0x240/0x240 [ 719.875481][ C1] ieee80211_check_concurrent_iface+0x454/0x620 [ 719.875487][ C1] ieee80211_if_change_type+0x288/0x620 [ 719.875491][ C1] ieee80211_change_iface+0x26/0x210 [ 719.875496][ C1] cfg80211_change_iface+0x307/0xf10 [ 719.875501][ C1] nl80211_set_interface+0x65c/0x8d0 [ 719.875505][ C1] ? nl80211_notify_iface+0x180/0x180 [ 719.875510][ C1] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 719.875515][ C1] ? nl80211_pre_doit+0xa2/0x630 [ 719.875520][ C1] genl_family_rcv_msg_doit+0x228/0x320 [ 719.875525][ C1] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280 [ 719.875531][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 719.875537][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 719.875542][ C1] ? ns_capable+0xde/0x100 [ 719.875546][ C1] genl_rcv_msg+0x328/0x580 [ 719.875550][ C1] ? genl_get_cmd+0x480/0x480 [ 719.875554][ C1] ? nl80211_notify_iface+0x180/0x180 [ 719.875559][ C1] ? lock_release+0x710/0x710 [ 719.875563][ C1] netlink_rcv_skb+0x153/0x420 [ 719.875567][ C1] ? genl_get_cmd+0x480/0x480 [ 719.875571][ C1] ? netlink_ack+0xaa0/0xaa0 [ 719.875575][ C1] genl_rcv+0x24/0x40 [ 719.875579][ C1] netlink_unicast+0x533/0x7d0 [ 719.875583][ C1] ? netlink_attachskb+0x870/0x870 [ 719.875588][ C1] ? _copy_from_iter_full+0x275/0x850 [ 719.875593][ C1] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 719.875599][ C1] ? __phys_addr_symbol+0x2c/0x70 [ 719.875605][ C1] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 719.875610][ C1] ? __check_object_size+0x171/0x3f0 [ 719.875615][ C1] netlink_sendmsg+0x856/0xd90 [ 719.875619][ C1] ? netlink_unicast+0x7d0/0x7d0 [ 719.875624][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 719.875630][ C1] ? netlink_unicast+0x7d0/0x7d0 [ 719.875636][ C1] sock_sendmsg+0xcf/0x120 [ 719.875640][ C1] ____sys_sendmsg+0x6e8/0x810 [ 719.875645][ C1] ? kernel_sendmsg+0x50/0x50 [ 719.875650][ C1] ? do_recvmmsg+0x6c0/0x6c0 [ 719.875656][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 719.875661][ C1] ___sys_sendmsg+0xf3/0x170 [ 719.875665][ C1] ? sendmsg_copy_msghdr+0x160/0x160 [ 719.875670][ C1] ? __fget_files+0x266/0x3d0 [ 719.875674][ C1] ? lock_downgrade+0x6d0/0x6d0 [ 719.875678][ C1] ? __fget_files+0x288/0x3d0 [ 719.875682][ C1] ? __fget_light+0xea/0x280 [ 719.875687][ C1] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 719.875692][ C1] __sys_sendmsg+0xe5/0x1b0 [ 719.875696][ C1] ? __sys_sendmsg_sock+0xb0/0xb0 [ 719.875701][ C1] ? __do_sys_futex+0x2a2/0x470 [ 719.875705][ C1] ? syscall_enter_from_user_mode+0x1d/0x50 [ 719.875710][ C1] do_syscall_64+0x2d/0x70 [ 719.875714][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 719.875719][ C1] RIP: 0033:0x447ba9 [ 719.875726][ C1] Code: e8 ec e7 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 04 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 719.875739][ C1] RSP: 002b:00007f20b52f0d98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 719.875750][ C1] RAX: ffffffffffffffda RBX: 00000000006dcc98 RCX: 0000000000447ba9 [ 719.875757][ C1] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000009 [ 719.875763][ C1] RBP: 00000000006dcc90 R08: 0000000000000005 R09: 0000000000000000 [ 719.875770][ C1] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006dcc9c [ 719.875777][ C1] R13: 0000000000000000 R14: 000000306e616c77 R15: ffffffff00000000 [ 719.877555][ T1654] Kernel panic - not syncing: hung_task: blocked tasks [ 720.351911][ T1654] CPU: 0 PID: 1654 Comm: khungtaskd Not tainted 5.11.0-rc4-syzkaller #0 [ 720.360244][ T1654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 720.370299][ T1654] Call Trace: [ 720.373612][ T1654] dump_stack+0x107/0x163 [ 720.377950][ T1654] panic+0x306/0x73d [ 720.381852][ T1654] ? __warn_printk+0xf3/0xf3 [ 720.386482][ T1654] ? lapic_can_unplug_cpu+0x80/0x80 [ 720.391706][ T1654] ? preempt_schedule_thunk+0x16/0x18 [ 720.397218][ T1654] ? nmi_trigger_cpumask_backtrace+0x196/0x230 [ 720.403392][ T1654] ? watchdog.cold+0x5/0x158 [ 720.408004][ T1654] watchdog.cold+0x16/0x158 [ 720.412532][ T1654] ? reset_hung_task_detector+0x30/0x30 [ 720.418100][ T1654] kthread+0x3b1/0x4a0 [ 720.422263][ T1654] ? __kthread_bind_mask+0xc0/0xc0 [ 720.427508][ T1654] ret_from_fork+0x1f/0x30 [ 720.435728][ T1654] Kernel Offset: disabled [ 720.440487][ T1654] Rebooting in 86400 seconds..