INFO: task syz-executor.1:868 blocked for more than 430 seconds. Not tainted 6.8.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:0 pid:868 tgid:847 ppid:30982 flags:0x00000005 Backtrace: [<81884e90>] (__schedule) from [<80281924>] (__schedule_loop kernel/sched/core.c:6813 [inline]) [<81884e90>] (__schedule) from [<80281924>] (rt_mutex_schedule+0x20/0x38 kernel/sched/core.c:7105) r10:84785300 r9:00000000 r8:00000002 r7:00000000 r6:eab71db0 r5:8415ec00 r4:8415ec00 [<80281904>] (rt_mutex_schedule) from [<8188b50c>] (rt_mutex_slowlock_block.constprop.0+0x38/0x160 kernel/locking/rtmutex.c:1636) r5:8415ec00 r4:82e1e054 [<8188b4d4>] (rt_mutex_slowlock_block.constprop.0) from [<8188c794>] (__rt_mutex_slowlock kernel/locking/rtmutex.c:1704 [inline]) [<8188b4d4>] (rt_mutex_slowlock_block.constprop.0) from [<8188c794>] (__rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1740 [inline]) [<8188b4d4>] (rt_mutex_slowlock_block.constprop.0) from [<8188c794>] (rt_mutex_slowlock.constprop.0+0xec/0x2cc kernel/locking/rtmutex.c:1778) r10:84785300 r9:60000013 r8:00000002 r7:eab71db0 r6:8415ec00 r5:82e1e054 r4:00000000 r3:eab71db0 [<8188c6a8>] (rt_mutex_slowlock.constprop.0) from [<8188ca58>] (__rt_mutex_lock kernel/locking/rtmutex.c:1793 [inline]) [<8188c6a8>] (rt_mutex_slowlock.constprop.0) from [<8188ca58>] (__rt_mutex_lock_common kernel/locking/rtmutex_api.c:31 [inline]) [<8188c6a8>] (rt_mutex_slowlock.constprop.0) from [<8188ca58>] (rt_mutex_lock+0x44/0x48 kernel/locking/rtmutex_api.c:71) r9:0000003f r8:00000000 r7:0000003f r6:00000000 r5:00000000 r4:82e1e040 [<8188ca14>] (rt_mutex_lock) from [<80f66934>] (i2c_adapter_lock_bus+0x14/0x18 drivers/i2c/i2c-core-base.c:845) [<80f66920>] (i2c_adapter_lock_bus) from [<80f6bef0>] (i2c_lock_bus include/linux/i2c.h:792 [inline]) [<80f66920>] (i2c_adapter_lock_bus) from [<80f6bef0>] (__i2c_lock_bus_helper drivers/i2c/i2c-core.h:46 [inline]) [<80f66920>] (i2c_adapter_lock_bus) from [<80f6bef0>] (i2c_smbus_xfer+0xa4/0x12c drivers/i2c/i2c-core-smbus.c:541) [<80f6be4c>] (i2c_smbus_xfer) from [<80f6dd34>] (i2cdev_ioctl_smbus+0x198/0x334 drivers/i2c/i2c-dev.c:348) r8:00000003 r7:20000140 r6:00000000 r5:84181800 r4:00000000 [<80f6db9c>] (i2cdev_ioctl_smbus) from [<80f6e17c>] (i2cdev_ioctl+0x2ac/0x390 drivers/i2c/i2c-dev.c:467) r10:84785300 r9:8415ec00 r8:00000003 r7:20000180 r6:00000720 r5:84181800 r4:20000180 [<80f6ded0>] (i2cdev_ioctl) from [<8050d3f8>] (vfs_ioctl fs/ioctl.c:51 [inline]) [<80f6ded0>] (i2cdev_ioctl) from [<8050d3f8>] (do_vfs_ioctl fs/ioctl.c:858 [inline]) [<80f6ded0>] (i2cdev_ioctl) from [<8050d3f8>] (__do_sys_ioctl fs/ioctl.c:902 [inline]) [<80f6ded0>] (i2cdev_ioctl) from [<8050d3f8>] (sys_ioctl+0x118/0xc24 fs/ioctl.c:890) r6:84785301 r5:00000000 r4:00000720 [<8050d2e0>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xeab71fa8 to 0xeab71ff0) 1fa0: 00000000 00000000 00000003 00000720 20000180 00000000 1fc0: 00000000 00000000 0014c3e8 00000036 7ecfc32e 7ecfc32f 003d0f00 76b790fc 1fe0: 76b78f08 76b78ef8 000167f8 00050bc0 r10:00000036 r9:8415ec00 r8:80200288 r7:00000036 r6:0014c3e8 r5:00000000 r4:00000000 NMI backtrace for cpu 0 CPU: 0 PID: 31 Comm: khungtaskd Not tainted 6.8.0-syzkaller #0 Hardware name: ARM-Versatile Express Backtrace: [<81863744>] (dump_backtrace) from [<81863840>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:256) r7:00000000 r6:00000113 r5:60000193 r4:81fc0f0c [<81863828>] (show_stack) from [<81880fc4>] (__dump_stack lib/dump_stack.c:88 [inline]) [<81863828>] (show_stack) from [<81880fc4>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114) [<81880f54>] (dump_stack_lvl) from [<81880fe8>] (dump_stack+0x18/0x1c lib/dump_stack.c:123) r5:00000000 r4:00000001 [<81880fd0>] (dump_stack) from [<81850b1c>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<818509bc>] (nmi_cpu_backtrace) from [<81850c68>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8260c590 r5:8261a88c r4:ffffffff [<81850b38>] (nmi_trigger_cpumask_backtrace) from [<80210574>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851) r9:8260c6f4 r8:00082e42 r7:8289cfe0 r6:00007f1c r5:850a0204 r4:91b28524 [<8021055c>] (arch_trigger_cpumask_backtrace) from [<8034df78>] (trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]) [<8021055c>] (arch_trigger_cpumask_backtrace) from [<8034df78>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]) [<8021055c>] (arch_trigger_cpumask_backtrace) from [<8034df78>] (watchdog+0x480/0x594 kernel/hung_task.c:380) [<8034daf8>] (watchdog) from [<8026fd30>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:df819e58 r8:82ea03c0 r7:00000000 r6:8034daf8 r5:82ef0c00 r4:82f4a1c0 [<8026fc2c>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdf8ddfb0 to 0xdf8ddff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fc2c r4:82f4a1c0 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 2989 Comm: sshd Not tainted 6.8.0-syzkaller #0 Hardware name: ARM-Versatile Express PC is at neigh_output include/net/neighbour.h:538 [inline] PC is at ip_finish_output2+0x214/0x6d8 net/ipv4/ip_output.c:235 LR is at rcu_read_lock include/linux/rcupdate.h:748 [inline] LR is at ip_finish_output2+0x100/0x6d8 net/ipv4/ip_output.c:228 pc : [<81535034>] lr : [<81534f20>] psr: 60000013 sp : df951aa0 ip : 83d6d800 fp : df951acc r10: 836d9700 r9 : 828fee80 r8 : 828fee80 r7 : 83d6d800 r6 : 836d9700 r5 : 91b7d540 r4 : 843ea900 r3 : 00082e4a r2 : 00000000 r1 : 00082e46 r0 : 8349ad80 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 8471df00 DAC: 00000000 Backtrace: [<81534e20>] (ip_finish_output2) from [<81536308>] (__ip_finish_output net/ipv4/ip_output.c:313 [inline]) [<81534e20>] (ip_finish_output2) from [<81536308>] (__ip_finish_output+0x9c/0x180 net/ipv4/ip_output.c:295) r9:828fee80 r8:00000000 r7:000005dc r6:846e0f80 r5:828fee80 r4:91b7d540 [<8153626c>] (__ip_finish_output) from [<81536418>] (ip_finish_output+0x2c/0xe0 net/ipv4/ip_output.c:323) r9:828fee80 r8:00000000 r7:83d6d800 r6:828fee80 r5:91b7d540 r4:846e0f80 [<815363ec>] (ip_finish_output) from [<81536530>] (NF_HOOK_COND include/linux/netfilter.h:303 [inline]) [<815363ec>] (ip_finish_output) from [<81536530>] (ip_output+0x64/0xf8 net/ipv4/ip_output.c:433) r7:83d6d800 r6:846e0f80 r5:828fee80 r4:91b7d540 [<815364cc>] (ip_output) from [<81537b9c>] (dst_output include/net/dst.h:450 [inline]) [<815364cc>] (ip_output) from [<81537b9c>] (ip_local_out net/ipv4/ip_output.c:129 [inline]) [<815364cc>] (ip_output) from [<81537b9c>] (__ip_queue_xmit+0x1a0/0x498 net/ipv4/ip_output.c:535) r8:00000000 r7:846e1210 r6:00000001 r5:846e0f80 r4:91b7d540 [<815379fc>] (__ip_queue_xmit) from [<81537ea8>] (ip_queue_xmit+0x14/0x18 net/ipv4/ip_output.c:549) r10:00010600 r9:00000526 r8:91b7d558 r7:00000014 r6:00000000 r5:91b7d540 r4:846e0f80 [<81537e94>] (ip_queue_xmit) from [<8155c5bc>] (__tcp_transmit_skb+0x558/0xd10 net/ipv4/tcp_output.c:1462) [<8155c064>] (__tcp_transmit_skb) from [<8155dd24>] (__tcp_send_ack.part.0+0xd8/0x190 net/ipv4/tcp_output.c:4232) r10:00000000 r9:846e1008 r8:846e13d4 r7:00000058 r6:00000000 r5:009ee46a r4:846e0f80 [<8155dc4c>] (__tcp_send_ack.part.0) from [<8156134c>] (__tcp_send_ack net/ipv4/tcp_output.c:4199 [inline]) [<8155dc4c>] (__tcp_send_ack.part.0) from [<8156134c>] (tcp_send_ack+0x20/0x24 net/ipv4/tcp_output.c:4238) r5:00000058 r4:846e0f80 [<8156132c>] (tcp_send_ack) from [<815471bc>] (__tcp_cleanup_rbuf+0x80/0xdc net/ipv4/tcp.c:1492) [<8154713c>] (__tcp_cleanup_rbuf) from [<81547290>] (tcp_cleanup_rbuf+0x78/0x80 net/ipv4/tcp.c:1503) r5:00000058 r4:846e0f80 [<81547218>] (tcp_cleanup_rbuf) from [<81547dd0>] (tcp_recvmsg_locked+0x290/0x944 net/ipv4/tcp.c:2548) r5:846e0f80 r4:00000000 [<81547b40>] (tcp_recvmsg_locked) from [<81549180>] (tcp_recvmsg+0x88/0x1e4 net/ipv4/tcp.c:2578) r10:00000001 r9:df951e20 r8:84133000 r7:00040000 r6:00000040 r5:df951e68 r4:846e0f80 [<815490f8>] (tcp_recvmsg) from [<81589f64>] (inet_recvmsg+0x50/0x110 net/ipv4/af_inet.c:883) r9:00000000 r8:7699f008 r7:00000040 r6:833caf00 r5:815490f8 r4:df951e68 [<81589f14>] (inet_recvmsg) from [<8136a934>] (sock_recvmsg_nosec net/socket.c:1046 [inline]) [<81589f14>] (inet_recvmsg) from [<8136a934>] (sock_recvmsg+0x50/0x78 net/socket.c:1068) r6:833caf00 r5:df951e68 r4:81589f14 [<8136a8e4>] (sock_recvmsg) from [<8136a9fc>] (sock_read_iter+0xa0/0xf8 net/socket.c:1138) r7:8446d900 r6:833caf00 r5:df951f08 r4:df951ef0 [<8136a95c>] (sock_read_iter) from [<804f4378>] (call_read_iter include/linux/fs.h:2102 [inline]) [<8136a95c>] (sock_read_iter) from [<804f4378>] (new_sync_read fs/read_write.c:395 [inline]) [<8136a95c>] (sock_read_iter) from [<804f4378>] (vfs_read+0x2e4/0x314 fs/read_write.c:476) r7:00000000 r6:84133000 r5:00040000 r4:8446d900 [<804f4094>] (vfs_read) from [<804f4df8>] (ksys_read+0xc4/0xf8 fs/read_write.c:619) r10:00000003 r9:84133000 r8:80200288 r7:00040000 r6:7699f008 r5:8446d900 r4:8446d900 [<804f4d34>] (ksys_read) from [<804f4e3c>] (__do_sys_read fs/read_write.c:629 [inline]) [<804f4d34>] (ksys_read) from [<804f4e3c>] (sys_read+0x10/0x14 fs/read_write.c:627) r7:00000003 r6:7eefe198 r5:76f35c80 r4:00040000 [<804f4e2c>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xdf951fa8 to 0xdf951ff0) 1fa0: 00040000 76f35c80 00000004 7699f008 00040000 00000000 1fc0: 00040000 76f35c80 7eefe198 00000003 00000000 01f122d0 7eefe27c 00000001 1fe0: 00530b48 7eefe150 00495c34 76b2b2fc