INFO: task khugepaged:1650 blocked for more than 143 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:khugepaged state:D stack:23808 pid: 1650 ppid: 2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_timeout+0x1db/0x250 kernel/time/timer.c:1868 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x168/0x270 kernel/sched/completion.c:138 __flush_work+0x527/0xac0 kernel/workqueue.c:3052 __lru_add_drain_all+0x3fd/0x760 mm/swap.c:842 khugepaged_do_scan mm/khugepaged.c:2202 [inline] khugepaged+0x10f/0x5530 mm/khugepaged.c:2263 kthread+0x3b1/0x4a0 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task kworker/u4:6:8414 blocked for more than 143 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:6 state:D stack:24104 pid: 8414 ppid: 2 flags:0x00004000 Workqueue: events_unbound fsnotify_connector_destroy_workfn Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_timeout+0x1db/0x250 kernel/time/timer.c:1868 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x168/0x270 kernel/sched/completion.c:138 __synchronize_srcu+0x1a6/0x280 kernel/rcu/srcutree.c:935 fsnotify_connector_destroy_workfn+0x49/0xa0 fs/notify/mark.c:164 process_one_work+0x98d/0x1600 kernel/workqueue.c:2275 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421 kthread+0x3b1/0x4a0 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task kworker/u4:4:22196 blocked for more than 144 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:4 state:D stack:24888 pid:22196 ppid: 2 flags:0x00004000 Workqueue: events_unbound fsnotify_mark_destroy_workfn Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_timeout+0x1db/0x250 kernel/time/timer.c:1868 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0x168/0x270 kernel/sched/completion.c:138 __synchronize_srcu+0x1a6/0x280 kernel/rcu/srcutree.c:935 fsnotify_mark_destroy_workfn+0xfd/0x340 fs/notify/mark.c:832 process_one_work+0x98d/0x1600 kernel/workqueue.c:2275 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421 kthread+0x3b1/0x4a0 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.0:22275 blocked for more than 144 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:29592 pid:22275 ppid: 8475 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 synchronize_rcu_expedited+0x453/0x620 kernel/rcu/tree_exp.h:853 synchronize_rcu+0xdf/0x180 kernel/rcu/tree.c:3787 account_event kernel/events/core.c:11393 [inline] perf_event_alloc.part.0+0x33d4/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f9247ca5188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf80 R13: 00007ffeac0ab6cf R14: 00007f9247ca5300 R15: 0000000000022000 INFO: task syz-executor.0:22281 blocked for more than 145 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:26952 pid:22281 ppid: 8475 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 account_event kernel/events/core.c:11385 [inline] perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f9247c84188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056c038 R13: 00007ffeac0ab6cf R14: 00007f9247c84300 R15: 0000000000022000 INFO: task syz-executor.4:22273 blocked for more than 145 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.4 state:D stack:28144 pid:22273 ppid: 21281 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline] synchronize_rcu_expedited+0x27e/0x620 kernel/rcu/tree_exp.h:837 synchronize_net+0x3c/0x60 net/core/dev.c:10930 __tun_detach+0x4c5/0x13d0 drivers/net/tun.c:654 tun_detach drivers/net/tun.c:687 [inline] tun_chr_close+0xd9/0x180 drivers/net/tun.c:3397 __fput+0x288/0x920 fs/file_table.c:280 task_work_run+0xdd/0x1a0 kernel/task_work.c:164 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] exit_to_user_mode_prepare+0x272/0x280 kernel/entry/common.c:208 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:301 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:57 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4193eb RSP: 002b:00007ffc0416f550 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00000000004193eb RDX: ffffffffffffffbc RSI: ffffffff8917a426 RDI: 0000000000000005 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2dc2ba20 R10: 0000000000000200 R11: 0000000000000293 R12: 000000000056cb00 R13: 000000000056cb00 R14: 000000000056bf80 R15: 00000000001a6b71 INFO: task syz-executor.4:22280 blocked for more than 146 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.4 state:D stack:28864 pid:22280 ppid: 21281 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 account_event kernel/events/core.c:11385 [inline] perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f1dbc6a6188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf80 R13: 00007ffc0416f4ef R14: 00007f1dbc6a6300 R15: 0000000000022000 INFO: task syz-executor.1:22282 blocked for more than 146 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:29592 pid:22282 ppid: 8477 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 account_event kernel/events/core.c:11385 [inline] perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f408c641188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf80 R13: 00007ffc418d39ff R14: 00007f408c641300 R15: 0000000000022000 INFO: task syz-executor.1:22287 blocked for more than 147 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:29592 pid:22287 ppid: 8477 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 account_event kernel/events/core.c:11385 [inline] perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f408c620188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056c038 R13: 00007ffc418d39ff R14: 00007f408c620300 R15: 0000000000022000 INFO: task syz-executor.1:22289 blocked for more than 147 seconds. Not tainted 5.12.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:29368 pid:22289 ppid: 8477 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:4339 [inline] __schedule+0x916/0x23e0 kernel/sched/core.c:5147 schedule+0xcf/0x270 kernel/sched/core.c:5226 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5285 __mutex_lock_common kernel/locking/mutex.c:1026 [inline] __mutex_lock+0x81f/0x1120 kernel/locking/mutex.c:1096 account_event kernel/events/core.c:11385 [inline] perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 perf_event_alloc kernel/events/core.c:11938 [inline] __do_sys_perf_event_open+0x4ad/0x2df0 kernel/events/core.c:12036 do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 RSP: 002b:00007f408c5ff188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056c0f0 R13: 00007ffc418d39ff R14: 00007f408c5ff300 R15: 0000000000022000 Showing all locks held in the system: 1 lock held by khungtaskd/1642: #0: ffffffff8bf79760 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6333 1 lock held by khugepaged/1650: #0: ffffffff8c05a4c8 (lock#5){+.+.}-{3:3}, at: __lru_add_drain_all+0x65/0x760 mm/swap.c:791 1 lock held by in:imklog/8370: #0: ffff8880180425f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:974 2 locks held by kworker/u4:6/8414: #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x871/0x1600 kernel/workqueue.c:2246 #1: ffffc900017dfda8 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1600 kernel/workqueue.c:2250 3 locks held by kworker/1:5/9719: 2 locks held by kworker/u4:4/22196: #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888011069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x871/0x1600 kernel/workqueue.c:2246 #1: ffffc9000241fda8 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x8a5/0x1600 kernel/workqueue.c:2250 2 locks held by kworker/0:4/6861: 2 locks held by syz-executor.0/22275: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 #1: ffffffff8bf82968 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline] #1: ffffffff8bf82968 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4fa/0x620 kernel/rcu/tree_exp.h:837 1 lock held by syz-executor.0/22281: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 2 locks held by syz-executor.4/22273: #0: ffffffff8d6a4de8 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:684 [inline] #0: ffffffff8d6a4de8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x180 drivers/net/tun.c:3397 #1: ffffffff8bf82968 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:322 [inline] #1: ffffffff8bf82968 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x27e/0x620 kernel/rcu/tree_exp.h:837 1 lock held by syz-executor.4/22280: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 1 lock held by syz-executor.1/22282: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 1 lock held by syz-executor.1/22287: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 1 lock held by syz-executor.1/22289: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 1 lock held by syz-executor.1/22296: #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: account_event kernel/events/core.c:11385 [inline] #0: ffffffff8c042be8 (perf_sched_mutex){+.+.}-{3:3}, at: perf_event_alloc.part.0+0x3262/0x3b50 kernel/events/core.c:11618 1 lock held by syz-executor.1/22316: #0: ffffffff8d6a4de8 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x458/0xb70 net/core/dev_ioctl.c:439 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1642 Comm: khungtaskd Not tainted 5.12.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x141/0x1d7 lib/dump_stack.c:120 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline] watchdog+0xd48/0xfb0 kernel/hung_task.c:294 kthread+0x3b1/0x4a0 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 19444 Comm: kworker/u4:8 Not tainted 5.12.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet RIP: 0010:__sanitizer_cov_trace_pc+0x37/0x60 kernel/kcov.c:197 Code: 81 e1 00 01 00 00 65 48 8b 14 25 00 f0 01 00 a9 00 01 ff 00 74 0e 85 c9 74 35 8b 82 3c 15 00 00 85 c0 74 2b 8b 82 18 15 00 00 <83> f8 02 75 20 48 8b 8a 20 15 00 00 8b 92 1c 15 00 00 48 8b 01 48 RSP: 0018:ffffc900012bfb90 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000 RDX: ffff88806b4f3880 RSI: ffffffff88b194a3 RDI: ffff88806b4f3c4c RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 R10: ffffffff88b197e3 R11: 0000000000000000 R12: ffff88802f236094 R13: dffffc0000000000 R14: ffff888064a54c00 R15: 0000000000000326 FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc3848d3008 CR3: 0000000018acb000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_lock_release include/linux/rcupdate.h:272 [inline] rcu_read_unlock include/linux/rcupdate.h:711 [inline] batadv_iv_ogm_slide_own_bcast_window net/batman-adv/bat_iv_ogm.c:771 [inline] batadv_iv_ogm_schedule_buff+0x793/0x1410 net/batman-adv/bat_iv_ogm.c:825 batadv_iv_ogm_schedule net/batman-adv/bat_iv_ogm.c:869 [inline] batadv_iv_ogm_schedule net/batman-adv/bat_iv_ogm.c:862 [inline] batadv_iv_send_outstanding_bat_ogm_packet+0x675/0x920 net/batman-adv/bat_iv_ogm.c:1723 process_one_work+0x98d/0x1600 kernel/workqueue.c:2275 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421 kthread+0x3b1/0x4a0 kernel/kthread.c:313 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294