INFO: task syz.2.1187:9351 blocked for more than 143 seconds.
Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.1187 state:D stack:25008 pid:9351 tgid:9341 ppid:8905 flags:0x00000006
Call Trace:
context_switch kernel/sched/core.c:5315 [inline]
__schedule+0xef5/0x5750 kernel/sched/core.c:6675
__schedule_loop kernel/sched/core.c:6752 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6767
schedule_timeout+0x258/0x2a0 kernel/time/timer.c:2591
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x3e1/0x600 kernel/sched/completion.c:116
wait_for_common kernel/sched/completion.c:127 [inline]
wait_for_completion_state+0x1c/0x40 kernel/sched/completion.c:264
coredump_wait fs/coredump.c:418 [inline]
do_coredump+0x82f/0x4160 fs/coredump.c:575
get_signal+0x237c/0x26d0 kernel/signal.c:2902
arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa6604403c0
RSP: 002b:00007fa6612b0b38 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000000 RBX: 00007fa660736060 RCX: 00007fa66057dff9
RDX: 00007fa6612b0b40 RSI: 00007fa6612b0c70 RDI: 000000000000000b
RBP: 00007fa660736058 R08: 00007fa6612d3080 R09: 0000000000000000
R10: 0000000000000007 R11: 0000000000000246 R12: 00007fa660736064
R13: 0000000000000000 R14: 00007ffe9fa33bf0 R15: 00007ffe9fa33cd8
Showing all locks held in the system:
1 lock held by khungtaskd/30:
#0: ffffffff8ddb77c0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
#0: ffffffff8ddb77c0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
#0: ffffffff8ddb77c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390 kernel/locking/lockdep.c:6701
5 locks held by klogd/4672:
#0: ffff8880b873ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:593
#1: ffff8880b8728a48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2d9/0x900 kernel/sched/psi.c:989
#2: ffff88807d6ae418 (&p->pi_lock){-.-.}-{2:2}, at: class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]
#2: ffff88807d6ae418 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0x9a/0x1440 kernel/sched/core.c:4154
#3: ffff8880b873ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:593
#4: ffff8880b8728a48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_change+0x1b4/0x2e0 kernel/sched/psi.c:913
2 locks held by getty/4990:
#0: ffff88814c0140a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480 drivers/tty/n_tty.c:2211
1 lock held by syz-executor/5226:
3 locks held by kworker/u8:23/8358:
1 lock held by syz.2.1187/9346:
7 locks held by kworker/u8:40/10790:
#0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1212/0x1b30 kernel/workqueue.c:3204
#1: ffffc90009587d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 kernel/workqueue.c:3205
#2: ffffffff8faacbd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40 net/core/net_namespace.c:580
#3: ffff8880788460e8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:1014 [inline]
#3: ffff8880788460e8 (&dev->mutex){....}-{3:3}, at: devl_dev_lock net/devlink/devl_internal.h:108 [inline]
#3: ffff8880788460e8 (&dev->mutex){....}-{3:3}, at: devlink_pernet_pre_exit+0x12d/0x2b0 net/devlink/core.c:506
#4: ffff888078847250 (&devlink->lock_key#12){+.+.}-{3:3}, at: devl_lock net/devlink/core.c:276 [inline]
#4: ffff888078847250 (&devlink->lock_key#12){+.+.}-{3:3}, at: devl_dev_lock net/devlink/devl_internal.h:109 [inline]
#4: ffff888078847250 (&devlink->lock_key#12){+.+.}-{3:3}, at: devlink_pernet_pre_exit+0x137/0x2b0 net/devlink/core.c:506
#5: ffffffff8fac27e8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x6f/0x6b0 drivers/net/netdevsim/netdev.c:773
#6: ffffffff8ddc3138 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 kernel/rcu/tree_exp.h:297
1 lock held by syz.2.1603/11376:
2 locks held by syz.2.1610/11401:
5 locks held by syz.2.1616/11425:
2 locks held by syz.2.1656/11569:
=============================================
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
watchdog+0xf0c/0x1240 kernel/hung_task.c:379
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 5226 Comm: syz-executor Not tainted 6.11.0-syzkaller-11728-gad46e8f95e93 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:instrument_atomic_read include/linux/instrumented.h:68 [inline]
RIP: 0010:_test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]
RIP: 0010:hlock_class+0x35/0x130 kernel/locking/lockdep.c:228
Code: 48 89 fb 48 83 c7 20 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e da 00 00 00 0f b7 5b 20 66 81 e3 ff 1f 0f b7 db 08 00 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 40 9c 98 96 e8 d2
RSP: 0018:ffffc9000367f7c0 EFLAGS: 00000006
RAX: 0000000000000000 RBX: 00000000000005fc RCX: 1ffff110024a3160
RDX: 1ffff110024a3165 RSI: 00000000000005fc RDI: ffff888012518b28
RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
R13: ffff888012518b08 R14: 00000000000005fc R15: ffff888012518000
FS: 00005555662a1500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa698308178 CR3: 000000007c688000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
check_wait_context kernel/locking/lockdep.c:4823 [inline]
__lock_acquire+0x415/0x3ce0 kernel/locking/lockdep.c:5149
lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5822
__raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]
_raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178
spin_lock_bh include/linux/spinlock.h:356 [inline]
release_sock+0x21/0x220 net/core/sock.c:3624
tcp_recvmsg+0x139/0x680 net/ipv4/tcp.c:2852
inet_recvmsg+0x12b/0x6a0 net/ipv4/af_inet.c:885
sock_recvmsg_nosec net/socket.c:1051 [inline]
sock_recvmsg+0x1b2/0x250 net/socket.c:1073
sock_read_iter+0x2bb/0x3b0 net/socket.c:1143
new_sync_read fs/read_write.c:488 [inline]
vfs_read+0xa3b/0xbd0 fs/read_write.c:569
ksys_read+0x1fa/0x260 fs/read_write.c:712
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe7a037c9fd
Code: a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb b5 e8 78 48 00 00 0f 1f 84 00 00 00 00 00 80 3d 41 fb 18 00 00 74 17 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5b c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec
RSP: 002b:00007ffe3bd8c938 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe7a037c9fd
RDX: 0000000000000004 RSI: 00007ffe3bd8c94c RDI: 0000000000000003
RBP: 0000000000000000 R08: 00000000000150c6 R09: 00007fe7a1172080
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3bd8cd40
R13: 0000000000000004 R14: 00007ffe3bd8c94c R15: 00007ffe3bd8c9e0