INFO: task kworker/0:0:5 blocked for more than 143 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:0 state:D stack:13480 pid: 5 ppid: 2 flags:0x00004000 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 addrconf_dad_work+0x3f/0x500 net/ipv6/addrconf.c:4027 process_one_work+0x26a/0x5f0 kernel/workqueue.c:2269 worker_thread+0x38/0x380 kernel/workqueue.c:2415 kthread+0x148/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.2:6963 blocked for more than 143 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.2 state:D stack:11784 pid: 6963 ppid: 1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 devinet_ioctl+0xa4/0x7a0 net/ipv4/devinet.c:1067 inet_ioctl+0x8c/0x140 net/ipv4/af_inet.c:967 sock_do_ioctl+0x38/0x130 net/socket.c:1047 sock_ioctl+0x2f1/0x3e0 net/socket.c:1198 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x7c/0xb0 fs/ioctl.c:739 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45dfe7 Code: Bad RIP value. RSP: 002b:00007ffecf56f998 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00000000016a4300 RCX: 000000000045dfe7 RDX: 00007ffecf56f9d0 RSI: 0000000000008914 RDI: 0000000000000004 RBP: 00007ffecf56fa50 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 R13: 0000000000000047 R14: 00007ffecf56faa0 R15: 0000000000000020 INFO: task syz-executor.3:6965 blocked for more than 143 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.3 state:D stack:11496 pid: 6965 ppid: 1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 nl80211_pre_doit+0xf9/0x1b0 net/wireless/nl80211.c:14304 genl_family_rcv_msg_doit net/netlink/genetlink.c:664 [inline] genl_family_rcv_msg net/netlink/genetlink.c:714 [inline] genl_rcv_msg+0x1b8/0x2ef net/netlink/genetlink.c:731 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 genl_rcv+0x1f/0x30 net/netlink/genetlink.c:742 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 __sys_sendto+0xec/0x160 net/socket.c:1992 __do_sys_sendto net/socket.c:2004 [inline] __se_sys_sendto net/socket.c:2000 [inline] __x64_sys_sendto+0x1f/0x30 net/socket.c:2000 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x417a27 Code: Bad RIP value. RSP: 002b:00007fff0520a510 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00000000016a4300 RCX: 0000000000417a27 RDX: 0000000000000024 RSI: 00000000016a4350 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007fff0520a520 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 R13: 0000000000000000 R14: 00000000016a4350 R15: 0000000000000003 INFO: task syz-executor.4:6967 blocked for more than 143 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.4 state:D stack:11592 pid: 6967 ppid: 1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 rtnl_lock net/core/rtnetlink.c:72 [inline] rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 __sys_sendto+0xec/0x160 net/socket.c:1992 __do_sys_sendto net/socket.c:2004 [inline] __se_sys_sendto net/socket.c:2000 [inline] __x64_sys_sendto+0x1f/0x30 net/socket.c:2000 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x417a27 Code: Bad RIP value. RSP: 002b:00007ffca40ab840 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00000000016a4300 RCX: 0000000000417a27 RDX: 0000000000000028 RSI: 00000000016a4350 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007ffca40ab850 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 R13: 0000000000000000 R14: 00000000016a4350 R15: 0000000000000003 INFO: task syz-executor.0:6972 blocked for more than 144 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:11808 pid: 6972 ppid: 1 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 devinet_ioctl+0xa4/0x7a0 net/ipv4/devinet.c:1067 inet_ioctl+0x8c/0x140 net/ipv4/af_inet.c:967 sock_do_ioctl+0x38/0x130 net/socket.c:1047 sock_ioctl+0x2f1/0x3e0 net/socket.c:1198 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x7c/0xb0 fs/ioctl.c:739 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45dfe7 Code: Bad RIP value. RSP: 002b:00007fffcab560c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00000000016a4300 RCX: 000000000045dfe7 RDX: 00007fffcab56100 RSI: 0000000000008914 RDI: 0000000000000004 RBP: 00007fffcab56180 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 R13: 0000000000000047 R14: 00007fffcab561d0 R15: 0000000000000020 INFO: task syz-executor.1:6973 blocked for more than 144 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:11688 pid: 6973 ppid: 1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 rtnl_lock net/core/rtnetlink.c:72 [inline] rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 __sys_sendto+0xec/0x160 net/socket.c:1992 __do_sys_sendto net/socket.c:2004 [inline] __se_sys_sendto net/socket.c:2000 [inline] __x64_sys_sendto+0x1f/0x30 net/socket.c:2000 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x417a27 Code: Bad RIP value. RSP: 002b:00007fff39ffd9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00000000016a4300 RCX: 0000000000417a27 RDX: 0000000000000028 RSI: 00000000016a4350 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007fff39ffd9d0 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 R13: 0000000000000000 R14: 00000000016a4350 R15: 0000000000000003 INFO: task kworker/1:4:8278 blocked for more than 144 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:4 state:D stack:13344 pid: 8278 ppid: 2 flags:0x00004000 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 addrconf_dad_work+0x3f/0x500 net/ipv6/addrconf.c:4027 process_one_work+0x26a/0x5f0 kernel/workqueue.c:2269 worker_thread+0x38/0x380 kernel/workqueue.c:2415 kthread+0x148/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.5:8320 blocked for more than 144 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.5 state:D stack:12152 pid: 8320 ppid: 6969 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 tcf_action_init_1+0x277/0x4f0 net/sched/act_api.c:973 tcf_action_init+0xcf/0x1f0 net/sched/act_api.c:1054 tcf_action_add+0x7d/0x190 net/sched/act_api.c:1467 tc_ctl_action+0xdb/0x132 net/sched/act_api.c:1520 rtnetlink_rcv_msg+0x173/0x480 net/core/rtnetlink.c:5563 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 ____sys_sendmsg+0x1ed/0x230 net/socket.c:2353 ___sys_sendmsg+0x77/0xb0 net/socket.c:2407 __sys_sendmsg+0x52/0xa0 net/socket.c:2440 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45e179 Code: Bad RIP value. RSP: 002b:00007fc2780e7c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045e179 RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000003 RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c R13: 00007fff040dffcf R14: 00007fc2780e89c0 R15: 000000000118cf4c INFO: task syz-executor.5:8352 blocked for more than 145 seconds. Not tainted 5.9.0-rc6-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.5 state:D stack:14176 pid: 8352 ppid: 6969 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x418/0x910 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 __mutex_lock_common kernel/locking/mutex.c:1033 [inline] __mutex_lock+0x472/0x9f0 kernel/locking/mutex.c:1103 rtnl_lock net/core/rtnetlink.c:72 [inline] rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 ____sys_sendmsg+0x1ed/0x230 net/socket.c:2353 ___sys_sendmsg+0x77/0xb0 net/socket.c:2407 __sys_sendmsg+0x52/0xa0 net/socket.c:2440 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45e179 Code: Bad RIP value. RSP: 002b:00007fc2780a5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045e179 RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000003 RBP: 000000000118d0d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d09c R13: 00007fff040dffcf R14: 00007fc2780a69c0 R15: 000000000118d09c Showing all locks held in the system: 3 locks held by kworker/0:0/5: #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #1: ffffc90000c93e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #1: ffffc90000c93e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #1: ffffc90000c93e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #2: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0x3f/0x500 net/ipv6/addrconf.c:4027 1 lock held by khungtaskd/1024: #0: ffffffff84518fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x15/0x17a kernel/locking/lockdep.c:5853 3 locks held by kworker/0:2/2640: #0: ffff88812bc55f38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #0: ffff88812bc55f38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff88812bc55f38 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #1: ffffc90005b27e70 ((reg_check_chans).work){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #1: ffffc90005b27e70 ((reg_check_chans).work){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #1: ffffc90005b27e70 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #2: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x23/0x4a0 net/wireless/reg.c:2199 1 lock held by in:imklog/6450: #0: ffff88811f1f7cf0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x45/0x50 fs/file.c:930 1 lock held by syz-executor.2/6963: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0xa4/0x7a0 net/ipv4/devinet.c:1067 2 locks held by syz-executor.3/6965: #0: ffffffff84887e10 (cb_lock){++++}-{3:3}, at: genl_rcv+0x10/0x30 net/netlink/genetlink.c:741 #1: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0xf9/0x1b0 net/wireless/nl80211.c:14304 1 lock held by syz-executor.4/6967: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 1 lock held by syz-executor.0/6972: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0xa4/0x7a0 net/ipv4/devinet.c:1067 1 lock held by syz-executor.1/6973: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 3 locks held by kworker/1:4/8278: #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #0: ffff888217086b38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #1: ffffc90002e97e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #1: ffffc90002e97e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline] #1: ffffc90002e97e70 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x1de/0x5f0 kernel/workqueue.c:2240 #2: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0x3f/0x500 net/ipv6/addrconf.c:4027 1 lock held by syz-executor.5/8320: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: tcf_action_init_1+0x277/0x4f0 net/sched/act_api.c:973 2 locks held by syz-executor.5/8334: 1 lock held by syz-executor.5/8352: #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffffffff8486f448 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x14a/0x480 net/core/rtnetlink.c:5560 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1024 Comm: khungtaskd Not tainted 5.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 nmi_cpu_backtrace.cold.8+0x3e/0x58 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0xd5/0xec lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline] watchdog+0x58e/0x680 kernel/hung_task.c:295 kthread+0x148/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 8334 Comm: syz-executor.5 Not tainted 5.9.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:770 [inline] RIP: 0010:lock_is_held_type+0xe8/0x120 kernel/locking/lockdep.c:5070 Code: 14 25 c0 7e 01 00 8b 82 e4 08 00 00 83 e8 01 66 85 c0 89 82 e4 08 00 00 75 37 48 83 3d 98 08 2b 01 00 74 2b 48 8b 3c 24 57 9d <0f> 1f 44 00 00 48 83 c4 08 89 c8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 RSP: 0018:ffffc90002fc7458 EFLAGS: 00000286 RAX: 0000000000000000 RBX: ffff88810e72efa8 RCX: 0000000000000000 RDX: ffff88810e72e6c0 RSI: ffffffff84518f60 RDI: 0000000000000286 RBP: ffff88810e72e6c0 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: ffff8881107cd4d8 R12: ffffffff84518f60 R13: ffff88810e72efa8 R14: 00000000ffffffff R15: 0000000000000001 FS: 00007fc2780c7700(0000) GS:ffff88812c000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffefc72acb8 CR3: 000000010dad9000 CR4: 00000000001506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: lock_is_held include/linux/lockdep.h:267 [inline] rcu_read_lock_sched_held+0x4d/0x80 kernel/rcu/update.c:136 trace_lock_acquire include/trace/events/lock.h:13 [inline] lock_acquire+0x37d/0x400 kernel/locking/lockdep.c:5003 __mutex_lock_common kernel/locking/mutex.c:956 [inline] __mutex_lock+0x94/0x9f0 kernel/locking/mutex.c:1103 tcf_idr_check_alloc+0x43/0x120 net/sched/act_api.c:499 tcf_connmark_init+0x144/0x370 net/sched/act_connmark.c:124 tcf_action_init_1+0x3cc/0x4f0 net/sched/act_api.c:995 tcf_action_init+0xcf/0x1f0 net/sched/act_api.c:1054 tcf_action_add+0x7d/0x190 net/sched/act_api.c:1467 tc_ctl_action+0xdb/0x132 net/sched/act_api.c:1520 rtnetlink_rcv_msg+0x173/0x480 net/core/rtnetlink.c:5563 netlink_rcv_skb+0x41/0x110 net/netlink/af_netlink.c:2470 netlink_unicast_kernel net/netlink/af_netlink.c:1304 [inline] netlink_unicast+0x19a/0x270 net/netlink/af_netlink.c:1330 netlink_sendmsg+0x248/0x480 net/netlink/af_netlink.c:1919 sock_sendmsg_nosec net/socket.c:651 [inline] sock_sendmsg+0x2b/0x40 net/socket.c:671 ____sys_sendmsg+0x1ed/0x230 net/socket.c:2353 ___sys_sendmsg+0x77/0xb0 net/socket.c:2407 __sys_sendmsg+0x52/0xa0 net/socket.c:2440 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45e179 Code: 3d b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fc2780c6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000002d400 RCX: 000000000045e179 RDX: 0000000000000000 RSI: 0000000020002980 RDI: 0000000000000004 RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cff4 R13: 00007fff040dffcf R14: 00007fc2780c79c0 R15: 000000000118cff4