INFO: task kworker/u4:4:2460 blocked for more than 140 seconds. Not tainted 4.20.0-rc2+ #295 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:4 D13432 2460 2 0x80000000 Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:2831 [inline] __schedule+0x8cf/0x21d0 kernel/sched/core.c:3472 schedule+0xfe/0x460 kernel/sched/core.c:3516 exp_funnel_lock kernel/rcu/tree_exp.h:319 [inline] _synchronize_rcu_expedited.constprop.58+0x8df/0x9d0 kernel/rcu/tree_exp.h:620 synchronize_rcu_expedited+0x27/0xa0 kernel/rcu/tree_exp.h:758 synchronize_net+0x3b/0x60 net/core/dev.c:9064 nfnetlink_net_exit_batch+0x10b/0x200 net/netfilter/nfnetlink.c:608 ops_exit_list.isra.5+0x105/0x160 net/core/net_namespace.c:156 cleanup_net+0x555/0xb10 net/core/net_namespace.c:551 process_one_work+0xc90/0x1c40 kernel/workqueue.c:2153 worker_thread+0x17f/0x1390 kernel/workqueue.c:2296 kthread+0x35a/0x440 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task syz-executor3:12262 blocked for more than 140 seconds. Not tainted 4.20.0-rc2+ #295 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor3 D24064 12262 6023 0x00000004 Call Trace: context_switch kernel/sched/core.c:2831 [inline] __schedule+0x8cf/0x21d0 kernel/sched/core.c:3472 schedule+0xfe/0x460 kernel/sched/core.c:3516 exp_funnel_lock kernel/rcu/tree_exp.h:319 [inline] _synchronize_rcu_expedited.constprop.58+0x8df/0x9d0 kernel/rcu/tree_exp.h:620 synchronize_rcu_expedited+0x27/0xa0 kernel/rcu/tree_exp.h:758 synchronize_net+0x3b/0x60 net/core/dev.c:9064 packet_set_ring+0x286/0x1da0 net/packet/af_packet.c:4339 packet_setsockopt+0x16ef/0x23b0 net/packet/af_packet.c:3649 __sys_setsockopt+0x1ba/0x3c0 net/socket.c:1902 __do_sys_setsockopt net/socket.c:1913 [inline] __se_sys_setsockopt net/socket.c:1910 [inline] __x64_sys_setsockopt+0xbe/0x150 net/socket.c:1910 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457569 Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d ea 55 0b <01> 87 01 8b 05 e2 55 0b 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 RSP: 002b:00007f4b341e7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457569 RDX: 000000000000000d RSI: 0000000000000107 RDI: 0000000000000007 RBP: 000000000072c0e0 R08: 0000000000000717 R09: 0000000000000000 R10: 0000000020001000 R11: 0000000000000246 R12: 00007f4b341e86d4 R13: 00000000004c3cf1 R14: 00000000004d60a8 R15: 00000000ffffffff INFO: task syz-executor3:12283 blocked for more than 140 seconds. Not tainted 4.20.0-rc2+ #295 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor3 D25376 12283 6023 0x00000004 Call Trace: context_switch kernel/sched/core.c:2831 [inline] __schedule+0x8cf/0x21d0 kernel/sched/core.c:3472 schedule+0xfe/0x460 kernel/sched/core.c:3516 __lock_sock+0x1fb/0x350 net/core/sock.c:2256 lock_sock_nested+0xfe/0x120 net/core/sock.c:2778 lock_sock include/net/sock.h:1492 [inline] packet_do_bind+0x9c/0xdb0 net/packet/af_packet.c:3047 packet_bind+0x15d/0x1b0 net/packet/af_packet.c:3168 __sys_bind+0x331/0x440 net/socket.c:1483 __do_sys_bind net/socket.c:1494 [inline] __se_sys_bind net/socket.c:1492 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1492 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457569 Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d ea 55 0b <01> 87 01 8b 05 e2 55 0b 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00 RSP: 002b:00007f4b341c6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 RDX: 0000000000000014 RSI: 0000000020000200 RDI: 0000000000000007 RBP: 000000000072c180 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4b341c76d4 R13: 00000000004bd734 R14: 00000000004cc3a0 R15: 00000000ffffffff Showing all locks held in the system: 2 locks held by kworker/0:1/12: #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 00000000138c7f47 ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 1 lock held by khungtaskd/1007: #0: 0000000057223478 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 kernel/locking/lockdep.c:4379 3 locks held by kworker/u4:4/2460: #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 00000000ccc99ce0 ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 000000000c499b69 (net_cleanup_work){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 #2: 000000002862e86e (pernet_ops_rwsem){++++}, at: cleanup_net+0x13f/0xb10 net/core/net_namespace.c:518 2 locks held by kworker/0:2/2917: #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 000000003dbba42d ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 1 lock held by rsyslogd/5840: #0: 0000000079455a68 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200 fs/file.c:766 2 locks held by getty/5930: #0: 000000009eabe739 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 000000009682f0ac (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5931: #0: 000000005c263f0c (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 00000000cf1b060b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5932: #0: 00000000ae83feb5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 000000001e0facd0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5933: #0: 000000003391cfb9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 00000000157afe1c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5934: #0: 00000000f354de33 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 000000005b1602f9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5935: #0: 0000000002506d20 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 000000005e2bf4a1 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by getty/5936: #0: 00000000920f102a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353 #1: 00000000f837e395 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154 2 locks held by kworker/0:3/6078: #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 000000000a1cd922 ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 2 locks held by kworker/0:5/15501: #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 00000000b56e68ab ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 2 locks held by kworker/0:6/15502: #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:209 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000045ac890b ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 00000000a121fb24 ((work_completion)(&smc->tcp_listen_work)){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 1 lock held by syz-executor3/12262: #0: 0000000071b8ca96 (sk_lock-AF_PACKET){+.+.}, at: lock_sock include/net/sock.h:1492 [inline] #0: 0000000071b8ca96 (sk_lock-AF_PACKET){+.+.}, at: packet_setsockopt+0x602/0x23b0 net/packet/af_packet.c:3632 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1007 Comm: khungtaskd Not tainted 4.20.0-rc2+ #295 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x244/0x39d lib/dump_stack.c:113 nmi_cpu_backtrace.cold.2+0x5c/0xa1 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x1e8/0x22a lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline] watchdog+0xb51/0x1060 kernel/hung_task.c:289 kthread+0x35a/0x440 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 5840 Comm: rsyslogd Not tainted 4.20.0-rc2+ #295 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:lock_release+0x23/0xa00 kernel/locking/lockdep.c:3853 Code: 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 4c 8d 6d d8 41 54 53 48 8d 9d f8 fe ff ff 48 81 ec 08 01 00 00 48 c1 eb 03 <48> 89 95 e8 fe ff ff 48 ba 00 00 00 00 00 fc ff df 48 8d 04 13 48 RSP: 0018:ffff8881b2acf070 EFLAGS: 00000802 RAX: 0000000000000000 RBX: 1ffff11036559e13 RCX: 1ffff11036559e1f RDX: ffffffff81597f0d RSI: 0000000000000001 RDI: ffffffff8959b940 RBP: ffff8881b2acf1a0 R08: ffffed103b5c5b68 R09: ffffed103b5c5b67 R10: ffffed103b5c5b67 R11: ffff8881dae2db3b R12: 0000000000000000 R13: ffff8881b2acf178 R14: ffff8881c6870400 R15: ffff8881d9a61800 FS: 00007f16a06c4700(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffff600400 CR3: 00000001c4a5c000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_lock_release include/linux/rcupdate.h:228 [inline] rcu_read_unlock include/linux/rcupdate.h:661 [inline] select_task_rq_fair+0x63a/0x30b0 kernel/sched/fair.c:6363 select_task_rq kernel/sched/core.c:1536 [inline] try_to_wake_up+0x4e7/0x1490 kernel/sched/core.c:2041 wake_up_process kernel/sched/core.c:2129 [inline] wake_up_q+0xa4/0x100 kernel/sched/core.c:440 futex_wake_op kernel/futex.c:1698 [inline] do_futex+0x1bc9/0x26d0 kernel/futex.c:3539 __do_sys_futex kernel/futex.c:3589 [inline] __se_sys_futex kernel/futex.c:3557 [inline] __x64_sys_futex+0x472/0x6a0 kernel/futex.c:3557 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f16a3121b25 Code: 00 00 00 74 17 49 8b 48 20 44 8b 59 10 41 83 e3 30 41 83 fb 20 74 1e be 85 00 00 00 41 ba 01 00 00 00 41 b9 01 00 00 04 0f 05 <48> 3d 01 f0 ff ff 73 1f 31 c0 c3 be 8c 00 00 00 49 89 c8 4d 31 d2 RSP: 002b:00007f16a06c3cb8 EFLAGS: 00000283 ORIG_RAX: 00000000000000ca RAX: ffffffffffffffda RBX: 00000000014908c8 RCX: 00007f16a3121b25 RDX: 0000000000000001 RSI: 0000000000000085 RDI: 00000000014a1264 RBP: 0000000000000001 R08: 00000000014a1260 R09: 0000000004000001 R10: 0000000000000001 R11: 0000000000000283 R12: 000000000065e200 R13: 0000000000000001 R14: 00000000000000b5 R15: 00000000014908b0