INFO: task kworker/0:3:10933 blocked for more than 430 seconds. Not tainted 6.16.0-rc2-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:3 state:D stack:0 pid:10933 tgid:10933 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28720>] (__schedule_loop kernel/sched/core.c:6863 [inline]) [<81a27798>] (__schedule) from [<81a28720>] (schedule+0x2c/0x130 kernel/sched/core.c:6878) r10:829185c4 r9:dfad5d84 r8:00000002 r7:60000113 r6:dfad5d8c r5:8503b000 r4:8503b000 [<81a286f4>] (schedule) from [<81a28b08>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6935) r5:8503b000 r4:829185c0 [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline]) [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747) [<81a2aeec>] (__mutex_lock.constprop.0) from [<81a2b6b8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035) r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfad5e08 r4:00000000 [<81a2b6a4>] (__mutex_lock_slowpath) from [<81a2b6f8>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278) [<81a2b6bc>] (mutex_lock) from [<804e4fb4>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8540fa00 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018005 r8:8503b000 r7:00000000 r6:83018000 r5:00001000 r4:7f280000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfd57000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:8481638c r4:84816000 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:dddced40 r6:83018000 r5:8481638c r4:8af5a100 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:8503b000 r8:8af5a12c r7:82804d40 r6:dddced40 r5:dddced60 r4:8af5a100 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:8af5a100 r8:8027ed34 r7:df845e60 r6:8af51400 r5:8503b000 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfad5fb0 to 0xdfad5ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:85406e80 INFO: task kworker/0:3:10933 is blocked on a mutex likely owned by task kworker/0:5:22801. task:kworker/0:5 state:R running task stack:0 pid:22801 tgid:22801 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28b54>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7108) r10:8280c9b4 r9:85844800 r8:80200be4 r7:e00c1d54 r6:ffffffff r5:85844800 r4:00000000 [<81a28b14>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18) Exception stack(0xe00c1d20 to 0xe00c1d68) 1d20: a55d8000 eb868000 00000001 80239bb8 7f270000 00000001 82abe1c4 82abd5a0 1d40: 7f270000 eb868000 8280c9b4 e00c1d9c e00c1da0 e00c1d70 80230af4 80239bd0 1d60: 80000113 ffffffff r5:80000113 r4:80239bd0 [<80230a90>] (flush_tlb_kernel_range) from [<804e4d78>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328) r4:82abe1e4 [<804e4af4>] (__purge_vmap_area_lazy) from [<804e5130>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:e00c1dc0 r5:e00c1e08 r4:e00c1dc0 [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8506c0c0 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018005 r8:85844800 r7:00000000 r6:83018000 r5:00001000 r4:7f27e000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfd0b000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:8481738c r4:84817000 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:dddced40 r6:83018000 r5:8481738c r4:849aa700 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:85844800 r8:849aa72c r7:82804d40 r6:dddced40 r5:dddced60 r4:849aa700 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:849aa700 r8:8027ed34 r7:dfad5e60 r6:849aa580 r5:85844800 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xe00c1fb0 to 0xe00c1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:853ddd00 INFO: task kworker/1:2:17851 blocked for more than 430 seconds. Not tainted 6.16.0-rc2-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:2 state:D stack:0 pid:17851 tgid:17851 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28720>] (__schedule_loop kernel/sched/core.c:6863 [inline]) [<81a27798>] (__schedule) from [<81a28720>] (schedule+0x2c/0x130 kernel/sched/core.c:6878) r10:829185c4 r9:df95dd84 r8:00000002 r7:60000113 r6:df95dd8c r5:852b9800 r4:852b9800 [<81a286f4>] (schedule) from [<81a28b08>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6935) r5:852b9800 r4:829185c0 [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline]) [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747) [<81a2aeec>] (__mutex_lock.constprop.0) from [<81a2b6b8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035) r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:df95de08 r4:00000000 [<81a2b6a4>] (__mutex_lock_slowpath) from [<81a2b6f8>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278) [<81a2b6bc>] (mutex_lock) from [<804e4fb4>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:88f0e6c0 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018205 r8:852b9800 r7:00000000 r6:83018200 r5:00001000 r4:7f27c000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfcff000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:84b4eb8c r4:84b4e800 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:ddde2d40 r6:83018200 r5:84b4eb8c r4:84852100 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:852b9800 r8:8485212c r7:82804d40 r6:ddde2d40 r5:ddde2d60 r4:84852100 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:84852100 r8:8027ed34 r7:dfc29e60 r6:84852c00 r5:852b9800 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf95dfb0 to 0xdf95dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:8484d580 INFO: task kworker/1:2:17851 is blocked on a mutex likely owned by task kworker/0:5:22801. task:kworker/0:5 state:R running task stack:0 pid:22801 tgid:22801 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28b54>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7108) r10:8280c9b4 r9:85844800 r8:80200be4 r7:e00c1d54 r6:ffffffff r5:85844800 r4:00000000 [<81a28b14>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18) Exception stack(0xe00c1d20 to 0xe00c1d68) 1d20: a5cfe000 eb868000 00000001 80239bb8 7f270000 00000001 82abe1c4 82abd5a0 1d40: 7f270000 eb868000 8280c9b4 e00c1d9c e00c1da0 e00c1d70 80230af4 80239bd0 1d60: 80000113 ffffffff r5:80000113 r4:80239bd0 [<80230a90>] (flush_tlb_kernel_range) from [<804e4d78>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328) r4:82abe1e4 [<804e4af4>] (__purge_vmap_area_lazy) from [<804e5130>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:e00c1dc0 r5:e00c1e08 r4:e00c1dc0 [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8506c0c0 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018005 r8:85844800 r7:00000000 r6:83018000 r5:00001000 r4:7f27e000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfd0b000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:8481738c r4:84817000 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:dddced40 r6:83018000 r5:8481738c r4:849aa700 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:85844800 r8:849aa72c r7:82804d40 r6:dddced40 r5:dddced60 r4:849aa700 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:849aa700 r8:8027ed34 r7:dfad5e60 r6:849aa580 r5:85844800 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xe00c1fb0 to 0xe00c1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:853ddd00 INFO: task kworker/0:6:22814 blocked for more than 430 seconds. Not tainted 6.16.0-rc2-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:6 state:D stack:0 pid:22814 tgid:22814 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28720>] (__schedule_loop kernel/sched/core.c:6863 [inline]) [<81a27798>] (__schedule) from [<81a28720>] (schedule+0x2c/0x130 kernel/sched/core.c:6878) r10:829185c4 r9:dfd09d84 r8:00000002 r7:60000113 r6:dfd09d8c r5:85845400 r4:85845400 [<81a286f4>] (schedule) from [<81a28b08>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6935) r5:85845400 r4:829185c0 [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline]) [<81a28af0>] (schedule_preempt_disabled) from [<81a2b1ec>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747) [<81a2aeec>] (__mutex_lock.constprop.0) from [<81a2b6b8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035) r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfd09e08 r4:00000000 [<81a2b6a4>] (__mutex_lock_slowpath) from [<81a2b6f8>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278) [<81a2b6bc>] (mutex_lock) from [<804e4fb4>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:854bec00 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018005 r8:85845400 r7:00000000 r6:83018000 r5:00001000 r4:7f282000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfdff000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:852fef8c r4:852fec00 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:dddced40 r6:83018000 r5:852fef8c r4:849aac00 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:85845400 r8:849aac2c r7:82804d40 r6:dddced40 r5:dddced60 r4:849aac00 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:849aac00 r8:8027ed34 r7:dfa39e60 r6:849aa600 r5:85845400 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfd09fb0 to 0xdfd09ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:8540f100 INFO: task kworker/0:6:22814 is blocked on a mutex likely owned by task kworker/0:5:22801. task:kworker/0:5 state:R running task stack:0 pid:22801 tgid:22801 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81a27798>] (__schedule) from [<81a28b54>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7108) r10:8280c9b4 r9:85844800 r8:80200be4 r7:e00c1d54 r6:ffffffff r5:85844800 r4:00000000 [<81a28b14>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18) Exception stack(0xe00c1d20 to 0xe00c1d68) 1d20: a6094000 eb868000 00000001 80239bb8 7f270000 00000001 82abe1c4 82abd5a0 1d40: 7f270000 eb868000 8280c9b4 e00c1d9c e00c1da0 e00c1d70 80230af4 80239bd0 1d60: 80000113 ffffffff r5:80000113 r4:80239bd0 [<80230a90>] (flush_tlb_kernel_range) from [<804e4d78>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328) r4:82abe1e4 [<804e4af4>] (__purge_vmap_area_lazy) from [<804e5130>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:e00c1dc0 r5:e00c1e08 r4:e00c1dc0 [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vm_reset_perms mm/vmalloc.c:3335 [inline]) [<804e4f4c>] (_vm_unmap_aliases) from [<804e8ea4>] (vfree+0x16c/0x210 mm/vmalloc.c:3414) r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8506c0c0 r4:00000000 [<804e8d38>] (vfree) from [<8054e924>] (execmem_free+0x30/0x50 mm/execmem.c:399) r9:83018005 r8:85844800 r7:00000000 r6:83018000 r5:00001000 r4:7f27e000 [<8054e8f4>] (execmem_free) from [<803c6bc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077) r5:00001000 r4:dfd0b000 [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline]) [<803c6bb0>] (bpf_jit_free_exec) from [<803c6fa0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246) [<803c6f38>] (bpf_jit_free) from [<803c8030>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891) r5:8481738c r4:84817000 [<803c7ee4>] (bpf_prog_free_deferred) from [<8027e2e8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238) r7:dddced40 r6:83018000 r5:8481738c r4:849aa700 [<8027e134>] (process_one_work) from [<8027ef30>] (process_scheduled_works kernel/workqueue.c:3321 [inline]) [<8027e134>] (process_one_work) from [<8027ef30>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402) r10:61c88647 r9:85844800 r8:849aa72c r7:82804d40 r6:dddced40 r5:dddced60 r4:849aa700 [<8027ed34>] (worker_thread) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:849aa700 r8:8027ed34 r7:dfad5e60 r6:849aa580 r5:85844800 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xe00c1fb0 to 0xe00c1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:853ddd00 NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express Call trace: [<80201a00>] (dump_backtrace) from [<80201afc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:00000000 r6:000e0013 r5:600e0093 r4:82259c14 [<80201ae4>] (show_stack) from [<8021fdf0>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201ae4>] (show_stack) from [<8021fdf0>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:120) [<8021fd80>] (dump_stack_lvl) from [<8021fe14>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r5:00000001 r4:00000001 [<8021fdfc>] (dump_stack) from [<81a116b8>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<81a11558>] (nmi_cpu_backtrace) from [<81a11804>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000001 r6:8280c690 r5:8281af40 r4:ffffffff [<81a116d4>] (nmi_trigger_cpumask_backtrace) from [<802304fc>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852) r9:8280c80c r8:82ab2564 r7:8281bb28 r6:00007ee7 r5:8281b508 r4:833e720c [<802304e4>] (arch_trigger_cpumask_backtrace) from [<80380d74>] (trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline]) [<802304e4>] (arch_trigger_cpumask_backtrace) from [<80380d74>] (check_hung_uninterruptible_tasks kernel/hung_task.c:307 [inline]) [<802304e4>] (arch_trigger_cpumask_backtrace) from [<80380d74>] (watchdog+0x4a8/0x74c kernel/hung_task.c:470) [<803808cc>] (watchdog) from [<80285f5c>] (kthread+0x12c/0x280 kernel/kthread.c:464) r10:00000000 r9:00000000 r8:803808cc r7:83349780 r6:83349780 r5:83259800 r4:00000001 [<80285e30>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf8e1fb0 to 0xdf8e1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285e30 r4:8334c580 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 21519 Comm: syz.3.4090 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express PC is at get_lock_parent_ip include/linux/ftrace.h:1091 [inline] PC is at preempt_latency_start kernel/sched/core.c:5852 [inline] PC is at preempt_count_add+0x114/0x150 kernel/sched/core.c:5877 LR is at get_lock_parent_ip include/linux/ftrace.h:1091 [inline] LR is at preempt_latency_start kernel/sched/core.c:5852 [inline] LR is at preempt_count_add+0x114/0x150 kernel/sched/core.c:5877 pc : [<80295b04>] lr : [<80295b04>] psr: 20010113 sp : dfcc9cc8 ip : dfcc9cc8 fp : dfcc9cec r10: 84392a00 r9 : 00000000 r8 : 8057339c r7 : 837c6638 r6 : 81a30dd0 r5 : 00000001 r4 : 85846c00 r3 : 81a312e0 r2 : 00000a1a r1 : 5b70d000 r0 : 00000001 Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user Control: 30c5387d Table: 846b9840 DAC: fffffffd Call trace: [<802959f0>] (preempt_count_add) from [<81a30dd0>] (__raw_spin_lock include/linux/spinlock_api_smp.h:132 [inline]) [<802959f0>] (preempt_count_add) from [<81a30dd0>] (_raw_spin_lock+0x18/0x58 kernel/locking/spinlock.c:154) r6:837c6638 r5:837c6b28 r4:837c6b88 [<81a30db8>] (_raw_spin_lock) from [<80574d78>] (spin_lock include/linux/spinlock.h:351 [inline]) [<81a30db8>] (_raw_spin_lock) from [<80574d78>] (__dentry_kill+0xe8/0x1bc fs/dcache.c:680) r5:837c6b28 r4:837c65d8 [<80574c90>] (__dentry_kill) from [<80576398>] (shrink_kill fs/dcache.c:1114 [inline]) [<80574c90>] (__dentry_kill) from [<80576398>] (shrink_dentry_list+0x68/0xc0 fs/dcache.c:1141) r7:837c6638 r6:837c6640 r5:dfcc9d54 r4:837c65d8 [<80576330>] (shrink_dentry_list) from [<80576620>] (shrink_dcache_parent+0xd0/0x144 fs/dcache.c:1575) r7:80573420 r6:837c6908 r5:dfcc9d54 r4:00000000 [<80576550>] (shrink_dcache_parent) from [<80576974>] (do_one_tree fs/dcache.c:1604 [inline]) [<80576550>] (shrink_dcache_parent) from [<80576974>] (shrink_dcache_for_umount+0x34/0x2c8 fs/dcache.c:1621) r8:82a6d6a0 r7:843ba400 r6:00000000 r5:837c6968 r4:837c6908 [<80576940>] (shrink_dcache_for_umount) from [<805580a8>] (generic_shutdown_super+0x24/0x104 fs/super.c:621) r10:84392a00 r9:00000000 r8:82a6d6a0 r7:00000000 r6:8280c960 r5:81c1c800 r4:843ba400 r3:837c6908 [<80558084>] (generic_shutdown_super) from [<805588b4>] (kill_anon_super+0x18/0x84 fs/super.c:1282) r5:00000021 r4:843ba400 [<8055889c>] (kill_anon_super) from [<80558948>] (kill_litter_super+0x28/0x2c fs/super.c:1292) r5:8290d284 r4:843ba400 [<80558920>] (kill_litter_super) from [<805592a4>] (deactivate_locked_super+0x54/0x104 fs/super.c:474) r5:8290d284 r4:843ba400 [<80559250>] (deactivate_locked_super) from [<805593b4>] (deactivate_super fs/super.c:507 [inline]) [<80559250>] (deactivate_locked_super) from [<805593b4>] (deactivate_super+0x60/0x64 fs/super.c:503) r5:8245c530 r4:843ba400 [<80559354>] (deactivate_super) from [<805841d8>] (cleanup_mnt+0xec/0x178 fs/namespace.c:1417) r5:8245c530 r4:8490eb40 [<805840ec>] (cleanup_mnt) from [<805842d4>] (__cleanup_mnt+0x14/0x18 fs/namespace.c:1424) r7:85846c00 r6:85847494 r5:85847464 r4:8490eda0 [<805842c0>] (__cleanup_mnt) from [<80283ef4>] (task_work_run+0x90/0xb8 kernel/task_work.c:227) [<80283e64>] (task_work_run) from [<8025f390>] (exit_task_work include/linux/task_work.h:40 [inline]) [<80283e64>] (task_work_run) from [<8025f390>] (do_exit+0x284/0xaa8 kernel/exit.c:955) r9:00000000 r8:dfcc9e90 r7:85847490 r6:855d6e04 r5:85846c00 r4:855d6d80 [<8025f10c>] (do_exit) from [<8025fd74>] (do_group_exit+0x40/0x8c kernel/exit.c:1104) r7:85846c00 [<8025fd34>] (do_group_exit) from [<80270a84>] (get_signal+0xa14/0xa38 kernel/signal.c:3034) r7:85846c00 r4:85846c00 [<80270070>] (get_signal) from [<8022b8e8>] (do_signal arch/arm/kernel/signal.c:578 [inline]) [<80270070>] (get_signal) from [<8022b8e8>] (do_work_pending+0x118/0x4f8 arch/arm/kernel/signal.c:618) r10:00006364 r9:85846c00 r8:00000000 r7:85846c00 r6:00000000 r5:dfcc9fb0 r4:85846c00 [<8022b7d0>] (do_work_pending) from [<80200088>] (slow_work_pending+0xc/0x24) Exception stack(0xdfcc9fb0 to 0xdfcc9ff8) 9fa0: ffffffff 00000004 000001e4 00000000 9fc0: 00000000 f7b5abc2 00000000 00000000 002d0000 00000000 00006364 76bda0bc 9fe0: 200036c0 200036c0 00019420 00019420 20000010 ffffffff r10:00006364 r9:85846c00 r8:00000000 r7:85846c00 r6:ffffffff r5:20000010 r4:00019420