IPVS: Creating netns size=2536 id=44 IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready INFO: task syz-executor5:11322 blocked for more than 120 seconds. IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready Not tainted 4.9.110-g00a0bcb #4 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor5 D28712 11322 3757 0x00000002 ffff8801a0db9800 0000000000000000[ 368.020298] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready ffff8801ccaa0fc0 ffff8801a8c1c800 ffff8801db321c18 ffff8801d8d57568 ffffffff839e6ded ffffffff812355f7 0000000000000000 ffff8801a0dba0c0 0000000600000007 ffff8801db3224e8 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3557 [] __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:526 [inline] [] rwsem_down_write_failed+0x598/0x990 kernel/locking/rwsem-xadd.c:555 IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [] call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:105 [] __down_write arch/x86/include/asm/rwsem.h:125 [inline] [] down_write+0x5c/0xa0 kernel/locking/rwsem.c:54 IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [] n_tty_flush_buffer+0x21/0x310 drivers/tty/n_tty.c:359 [] tty_ldisc_hangup+0x89/0x5b0 drivers/tty/tty_ldisc.c:658 [] __tty_hangup.part.22+0x5f7/0xb00 drivers/tty/tty_io.c:744 [] __tty_hangup drivers/tty/tty_io.c:694 [inline] [] tty_vhangup+0x21/0x30 drivers/tty/tty_io.c:817 [] pty_close+0x374/0x4d0 drivers/tty/pty.c:74 [] tty_release+0x370/0xd00 drivers/tty/tty_io.c:1813 [] __fput+0x263/0x700 fs/file_table.c:208 [] ____fput+0x15/0x20 fs/file_table.c:244 [] task_work_run+0x10c/0x180 kernel/task_work.c:116 [] exit_task_work include/linux/task_work.h:21 [inline] [] do_exit+0x9e1/0x27c0 kernel/exit.c:837 [] do_group_exit+0x111/0x340 kernel/exit.c:941 [] get_signal+0x4cf/0x1450 kernel/signal.c:2321 [] do_signal+0x87/0x19f0 arch/x86/kernel/signal.c:807 [] exit_to_usermode_loop+0xe1/0x120 arch/x86/entry/common.c:157 [] prepare_exit_to_usermode arch/x86/entry/common.c:191 [inline] [] syscall_return_slowpath arch/x86/entry/common.c:260 [inline] [] do_syscall_64+0x364/0x490 arch/x86/entry/common.c:287 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 3 locks held by kworker/0:1/24: #0: ("%s"("ipv6_addrconf")){.+.+..}, at: [] work_static include/linux/workqueue.h:186 [inline] #0: ("%s"("ipv6_addrconf")){.+.+..}, at: [] set_work_data kernel/workqueue.c:617 [inline] #0: ("%s"("ipv6_addrconf")){.+.+..}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: ("%s"("ipv6_addrconf")){.+.+..}, at: [] process_one_work+0x6ee/0x1500 kernel/workqueue.c:2085 #1: ((&(&ifa->dad_work)->work)){+.+...}, at: [] process_one_work+0x728/0x1500 kernel/workqueue.c:2089 #2: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70 2 locks held by khungtaskd/518: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 4 locks held by kworker/0:2/1836: #0: ("events"){.+.+.+}, at: [] work_static include/linux/workqueue.h:186 [inline] #0: ("events"){.+.+.+}, at: [] set_work_data kernel/workqueue.c:617 [inline] #0: ("events"){.+.+.+}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: ("events"){.+.+.+}, at: [] process_one_work+0x6ee/0x1500 kernel/workqueue.c:2085 #1: ((linkwatch_work).work){+.+.+.}, at: [] process_one_work+0x728/0x1500 kernel/workqueue.c:2089 #2: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70 #3: (rcu_preempt_state.exp_mutex){+.+...}, at: [] exp_funnel_lock kernel/rcu/tree_exp.h:256 [inline] #3: (rcu_preempt_state.exp_mutex){+.+...}, at: [] _synchronize_rcu_expedited+0x339/0x840 kernel/rcu/tree_exp.h:569 2 locks held by getty/3654: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2133 2 locks held by kworker/0:3/7286: #0: ("events"){.+.+.+}, at: [] work_static include/linux/workqueue.h:186 [inline] #0: ("events"){.+.+.+}, at: [] set_work_data kernel/workqueue.c:617 [inline] #0: ("events"){.+.+.+}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: ("events"){.+.+.+}, at: [] process_one_work+0x6ee/0x1500 kernel/workqueue.c:2085 #1: ((&rew.rew_work)){+.+...}, at: [] process_one_work+0x728/0x1500 kernel/workqueue.c:2089 4 locks held by syz-executor5/11322: #0: (&tty->legacy_mutex){+.+.+.}, at: [] tty_lock+0x6a/0xd0 drivers/tty/tty_mutex.c:18 #1: (&tty->legacy_mutex/1){+.+.+.}, at: [] tty_lock+0x6a/0xd0 drivers/tty/tty_mutex.c:18 #2: (&tty->ldisc_sem){++++++}, at: [] tty_ldisc_ref+0x20/0x80 drivers/tty/tty_ldisc.c:296 #3: (&o_tty->termios_rwsem/1){++++..}, at: [] n_tty_flush_buffer+0x21/0x310 drivers/tty/n_tty.c:359 1 lock held by ip/20291: #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock net/core/rtnetlink.c:70 [inline] #0: (rtnl_mutex){+.+.+.}, at: [] rtnetlink_rcv+0x1b/0x40 net/core/rtnetlink.c:4064 1 lock held by ip/20292: #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock net/core/rtnetlink.c:70 [inline] #0: (rtnl_mutex){+.+.+.}, at: [] rtnetlink_rcv+0x1b/0x40 net/core/rtnetlink.c:4064 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 518 Comm: khungtaskd Not tainted 4.9.110-g00a0bcb #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ffff8801d85ffd08 ffffffff81eb2329 0000000000000000 0000000000000001 0000000000000001 0000000000000001 ffffffff810b9580 ffff8801d85ffd40 ffffffff81ebd627 0000000000000001 0000000000000000 0000000000000002 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x128 lib/dump_stack.c:51 [] nmi_cpu_backtrace.cold.2+0x48/0x87 lib/nmi_backtrace.c:99 [] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [] check_hung_task kernel/hung_task.c:125 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline] [] watchdog+0x6b4/0xa20 kernel/hung_task.c:239 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 5265 Comm: kworker/u4:7 Not tainted 4.9.110-g00a0bcb #4 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events_unbound flush_to_ldiscc task: ffff88019aaf1800 task.stack: ffff88019ab18000 RIP: 0010:[] c [] echo_buf drivers/tty/n_tty.c:146 [inline] RIP: 0010:[] c [] __process_echoes+0x611/0x780 drivers/tty/n_tty.c:735 RSP: 0018:ffff88019ab1f9d8 EFLAGS: 00000293 RAX: ffff88019aaf1800 RBX: ffffc90000744000 RCX: 0000000000000006 RDX: 0000000000000000 RSI: ffffffff8211a0d1 RDI: ffffc90000745e46 RBP: ffff88019ab1fa40 R08: ffff88019aaf21b0 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 00000005e77b1be6 R13: 0000000000002cf4 R14: dffffc0000000000 R15: 00000005e77b1be7 FS: 0000000000000000(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6a8e38f140 CR3: 00000001cc961000 CR4: 00000000001606f0 DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Stack: 0000000000000206c ffff88019ab1f9f8c ffffc90000746278c ffffed003a72b8f5c ffff8801d395c7acc ffffc90000744020c 0000000000001000c ffff8801d395c400c ffffc90000746300c ffffc90000744000c dffffc0000000000c ffffc90000744020c Call Trace: [] flush_echoes drivers/tty/n_tty.c:801 [inline] [] __receive_buf drivers/tty/n_tty.c:1617 [inline] [] n_tty_receive_buf_common+0xd34/0x2300 drivers/tty/n_tty.c:1711 [] n_tty_receive_buf2+0x33/0x40 drivers/tty/n_tty.c:1746 [] tty_ldisc_receive_buf+0xaf/0x190 drivers/tty/tty_buffer.c:455 [] receive_buf drivers/tty/tty_buffer.c:474 [inline] [] flush_to_ldisc+0x253/0x370 drivers/tty/tty_buffer.c:533 [] process_one_work+0x7e1/0x1500 kernel/workqueue.c:2092 [] worker_thread+0xd6/0x10a0 kernel/workqueue.c:2226 [] kthread+0x26d/0x300 kernel/kthread.c:211 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373 Code: cc1 cea c03 c83 ce1 c07 c42 c0f cb6 c14 c32 c38 cca c7f c08 c84 cd2 c0f c85 cb0 c00 c00 c00 c80 cbc c03 c60 c12 c00 c00 cff c4d c8d c7c c24 c01 c75 ca4 ce8 c6f c48 c24 cff c<41> c81 ce7 cff c0f c00 c00 c4a c8d cbc c3b c60 c12 c00 c00 c48 c89 cf8 c48 c89 cfa c