------------[ cut here ]------------
do not call blocking ops when !TASK_RUNNING; state=2 set at [] __mutex_lock_common+0xd46/0x2590 kernel/locking/mutex.c:677
WARNING: CPU: 0 PID: 3718 at kernel/sched/core.c:9660 __might_sleep+0xb0/0xe0 kernel/sched/core.c:9656
Modules linked in:
CPU: 0 PID: 3718 Comm: kworker/0:8 Tainted: G W 5.17.0-syzkaller-13673-ge8b767f5e040 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events linkwatch_event
RIP: 0010:__might_sleep+0xb0/0xe0 kernel/sched/core.c:9656
Code: b0 0c 01 42 80 3c 23 00 74 08 48 89 ef e8 d8 d5 7a 00 48 8b 4d 00 48 c7 c7 80 b6 8e 8a 44 89 ee 48 89 ca 31 c0 e8 50 b2 f2 ff <0f> 0b eb b7 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 72 ff ff ff 48 89
RSP: 0018:ffffc90000007b38 EFLAGS: 00010246
RAX: 35bd253496776b00 RBX: 1ffff11003b20a1e RCX: ffff88801d903a00
RDX: 0000000000000101 RSI: 0000000000000101 RDI: 0000000000000000
RBP: ffff88801d9050f0 R08: ffffffff816b4962 R09: fffff52000000eb9
R10: fffff52000000eb9 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000000002 R14: 00000000000002fe R15: ffffffff8c6b8692
FS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f290f36b998 CR3: 000000002772d000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
blk_release_queue+0x2e/0x2a0 block/blk-sysfs.c:766
kobject_cleanup+0x1c0/0x280 lib/kobject.c:705
blkg_free+0x2d0/0x320 block/blk-cgroup.c:86
rcu_do_batch kernel/rcu/tree.c:2535 [inline]
rcu_core+0xa85/0x1700 kernel/rcu/tree.c:2786
__do_softirq+0x392/0x7a3 kernel/softirq.c:558
__irq_exit_rcu+0xec/0x170 kernel/softirq.c:637
irq_exit_rcu+0x5/0x20 kernel/softirq.c:649
sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1097
asm_sysvec_apic_timer_interrupt+0x12/0x20
RIP: 0010:instrument_atomic_read include/linux/instrumented.h:71 [inline]
RIP: 0010:atomic_long_read include/linux/atomic/atomic-instrumented.h:1265 [inline]
RIP: 0010:__mutex_owner kernel/locking/mutex.c:78 [inline]
RIP: 0010:mutex_spin_on_owner+0x27b/0x350 kernel/locking/mutex.c:356
Code: 89 df be 08 00 00 00 e8 03 7f 71 00 43 80 3c 2e 00 74 08 48 89 df e8 54 7d 71 00 48 f7 03 01 00 00 00 0f 85 88 00 00 00 f3 90 <48> 89 df be 08 00 00 00 e8 d8 7e 71 00 43 80 3c 2e 00 0f 84 7d fe
RSP: 0018:ffffc9000432fa08 EFLAGS: 00000246
RAX: 1ffff11003b20740 RBX: ffffffff8dd9f920 RCX: ffffffff81666684
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88801d903a00
RBP: ffffffff8dd9f970 R08: dffffc0000000000 R09: ffffed1003b20741
R10: ffffed1003b20741 R11: 0000000000000000 R12: ffff888024e58000
R13: dffffc0000000000 R14: 1ffffffff1bb3f24 R15: ffffffff8dd9f970
mutex_optimistic_spin+0x40/0x2d0 kernel/locking/mutex.c:473
__mutex_lock_common+0xdbe/0x2590 kernel/locking/mutex.c:684
__mutex_lock kernel/locking/mutex.c:733 [inline]
mutex_lock_nested+0x1a/0x20 kernel/locking/mutex.c:785
linkwatch_event+0xa/0x50 net/core/link_watch.c:262
process_one_work+0x83c/0x11a0 kernel/workqueue.c:2289
worker_thread+0xa6c/0x1290 kernel/workqueue.c:2436
kthread+0x2a3/0x2d0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30
----------------
Code disassembly (best guess):
0: 89 df mov %ebx,%edi
2: be 08 00 00 00 mov $0x8,%esi
7: e8 03 7f 71 00 callq 0x717f0f
c: 43 80 3c 2e 00 cmpb $0x0,(%r14,%r13,1)
11: 74 08 je 0x1b
13: 48 89 df mov %rbx,%rdi
16: e8 54 7d 71 00 callq 0x717d6f
1b: 48 f7 03 01 00 00 00 testq $0x1,(%rbx)
22: 0f 85 88 00 00 00 jne 0xb0
28: f3 90 pause
* 2a: 48 89 df mov %rbx,%rdi <-- trapping instruction
2d: be 08 00 00 00 mov $0x8,%esi
32: e8 d8 7e 71 00 callq 0x717f0f
37: 43 80 3c 2e 00 cmpb $0x0,(%r14,%r13,1)
3c: 0f .byte 0xf
3d: 84 7d fe test %bh,-0x2(%rbp)