INFO: task syz-executor.2:26716 blocked for more than 143 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D28440 26716 7322 0x20024004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 trace_hardirqs_on_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:41 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 trace_hardirqs_on_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:41 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:110 [inline] test_ti_thread_flag include/linux/thread_info.h:84 [inline] need_resched include/linux/sched.h:1827 [inline] preempt_schedule_irq+0xee/0x150 kernel/sched/core.c:4344 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 retint_kernel+0x2b/0x2b register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 arch_clear_bit arch/x86/include/asm/bitops.h:75 [inline] clear_bit include/asm-generic/bitops/instrumented-atomic.h:42 [inline] clear_ti_thread_flag include/linux/thread_info.h:60 [inline] __fpregs_load_activate arch/x86/include/asm/fpu/internal.h:547 [inline] switch_fpu_return+0x1db/0x4b0 arch/x86/kernel/fpu/core.c:343 fpregs_mark_activate+0x320/0x320 arch/x86/include/asm/trace/fpu.h:57 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.2:26720 blocked for more than 143 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D29992 26720 7322 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.2:26723 blocked for more than 143 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D28504 26723 7322 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.2:26736 blocked for more than 143 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D29992 26736 7322 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.4:26715 blocked for more than 144 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D28440 26715 7554 0x20024004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 arch_local_irq_restore arch/x86/include/asm/paravirt.h:759 [inline] lock_acquire+0x267/0x8f0 kernel/locking/lockdep.c:4937 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 trace_timer_init include/trace/events/timer.h:33 [inline] debug_init kernel/time/timer.c:763 [inline] init_timer_key+0x42/0x3a0 kernel/time/timer.c:804 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.4:26719 blocked for more than 144 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29720 26719 7554 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.4:26722 blocked for more than 144 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29160 26722 7554 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.4:26724 blocked for more than 144 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29720 26724 7554 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 INFO: task syz-executor.4:26735 blocked for more than 144 seconds. Not tainted 5.7.0-rc5-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29992 26735 7554 0x20020004 Call Trace: context_switch kernel/sched/core.c:3367 [inline] __schedule+0x937/0x1ff0 kernel/sched/core.c:4083 rwsem_down_write_slowpath+0x90a/0xf90 kernel/locking/rwsem.c:1216 __sched_text_start+0x8/0x8 schedule+0xd0/0x2a0 kernel/sched/core.c:4158 rwsem_down_write_slowpath+0x706/0xf90 kernel/locking/rwsem.c:1235 rwsem_mark_wake+0x8d0/0x8d0 include/linux/compiler.h:199 lock_acquire+0x1f2/0x8f0 kernel/locking/lockdep.c:4934 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline] _raw_spin_unlock_irqrestore+0x9b/0xe0 kernel/locking/spinlock.c:191 find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:4458 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_write kernel/locking/rwsem.c:1389 [inline] down_write+0x137/0x150 kernel/locking/rwsem.c:1532 __down_timeout+0x2d0/0x2d0 lockdep_init_map_waits+0x26a/0x890 kernel/locking/lockdep.c:4138 register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 bcm_init+0x1a3/0x210 net/can/bcm.c:1451 canbcm_pernet_init+0x90/0x90 net/can/bcm.c:1677 can_create+0x27c/0x500 net/can/af_can.c:168 __sock_create+0x3cb/0x730 net/socket.c:1433 sock_create net/socket.c:1484 [inline] __sys_socket+0xef/0x200 net/socket.c:1526 move_addr_to_kernel+0x70/0x70 net/socket.c:195 __do_sys_clock_gettime32 kernel/time/posix-timers.c:1176 [inline] __se_sys_clock_gettime32 kernel/time/posix-timers.c:1164 [inline] __ia32_sys_clock_gettime32+0x165/0x240 kernel/time/posix-timers.c:1164 __x64_sys_clock_gettime32+0x240/0x240 kernel/time/posix-timers.c:1410 __do_sys_socket net/socket.c:1535 [inline] __se_sys_socket net/socket.c:1533 [inline] __ia32_sys_socket+0x6f/0xb0 net/socket.c:1533 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline] lockdep_hardirqs_on+0x463/0x620 kernel/locking/lockdep.c:3702 do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline] do_fast_syscall_32+0x270/0xe90 arch/x86/entry/common.c:396 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 Showing all locks held in the system: 3 locks held by kworker/u4:3/64: #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: __write_once_size include/linux/compiler.h:226 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:855 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:40 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:615 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:642 [inline] #0: ffff8880a9771938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x844/0x16a0 kernel/workqueue.c:2239 #1: ffffc90000e97dc0 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x878/0x16a0 kernel/workqueue.c:2243 #2: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9b/0xa50 net/core/net_namespace.c:565 1 lock held by khungtaskd/1137: #0: ffffffff899bea80 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:5754 2 locks held by agetty/6767: #0: ffff8880a9661098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:267 #1: ffffc900010902e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x220/0x1b30 drivers/tty/n_tty.c:2156 1 lock held by syz-executor.2/26716: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.2/26720: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.2/26723: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.2/26736: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.4/26715: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.4/26719: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.4/26722: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.4/26724: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 1 lock held by syz-executor.4/26735: #0: ffffffff8a576f70 (pernet_ops_rwsem){++++}-{3:3}, at: register_netdevice_notifier+0x1e/0x270 net/core/dev.c:1729 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1137 Comm: khungtaskd Not tainted 5.7.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x188/0x20d lib/dump_stack.c:118 nmi_cpu_backtrace.cold+0x70/0xb1 lib/nmi_backtrace.c:101 lapic_can_unplug_cpu.cold+0x3b/0x3b nmi_trigger_cpumask_backtrace+0x231/0x27e lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline] watchdog+0xa8c/0x1010 kernel/hung_task.c:289 reset_hung_task_detector+0x30/0x30 kernel/hung_task.c:243 kthread+0x388/0x470 kernel/kthread.c:268 kthread_mod_delayed_work+0x1a0/0x1a0 kernel/kthread.c:1090 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:351 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 4122 Comm: systemd-journal Not tainted 5.7.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:bytes_is_nonzero mm/kasan/generic.c:94 [inline] RIP: 0010:memory_is_nonzero mm/kasan/generic.c:109 [inline] RIP: 0010:memory_is_poisoned_n mm/kasan/generic.c:135 [inline] RIP: 0010:memory_is_poisoned mm/kasan/generic.c:166 [inline] RIP: 0010:check_memory_region_inline mm/kasan/generic.c:184 [inline] RIP: 0010:check_memory_region+0xd3/0x190 mm/kasan/generic.c:193 Code: 48 83 c0 01 49 39 c0 74 69 80 38 00 74 f2 49 89 c0 b8 01 00 00 00 4d 85 c0 75 61 5b 5d 41 5c c3 4d 85 c9 74 4d 49 01 d9 eb 09 <48> 83 c0 01 4c 39 c8 74 3f 80 38 00 74 f2 eb d4 41 bc 08 00 00 00 RSP: 0018:ffffc90001627ae8 EFLAGS: 00000046 RAX: fffffbfff1512ac0 RBX: fffffbfff1512ac0 RCX: ffffffff81597f2b RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8a895600 RBP: fffffbfff1512ac1 R08: 0000000000000004 R09: fffffbfff1512ac1 R10: ffffffff8a895607 R11: fffffbfff1512ac0 R12: ffffffff8c86ee18 R13: ffffffff839a2473 R14: 0000000000000010 R15: 0000000000000000 FS: 00007fd1b5ba08c0(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fd1b30d2000 CR3: 00000000944ed000 CR4: 00000000001426f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: test_bit include/asm-generic/bitops/instrumented-non-atomic.h:110 [inline] cpumask_test_cpu include/linux/cpumask.h:367 [inline] trace_lock_release include/trace/events/lock.h:58 [inline] lock_release+0x18b/0x800 kernel/locking/lockdep.c:4951 rcu_read_unlock include/linux/rcupdate.h:651 [inline] unlazy_walk+0x15b/0x3a0 fs/namei.c:681 lock_downgrade+0x840/0x840 kernel/locking/lockdep.c:4579 rwlock_bug.part.0+0x90/0x90 include/linux/sched.h:1329 lock_downgrade+0x840/0x840 kernel/locking/lockdep.c:4579 pv_queued_spin_unlock arch/x86/include/asm/paravirt.h:650 [inline] queued_spin_unlock arch/x86/include/asm/qspinlock.h:55 [inline] do_raw_spin_unlock+0x171/0x260 kernel/locking/spinlock_debug.c:139 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:158 [inline] _raw_spin_unlock_irqrestore+0x16/0xe0 kernel/locking/spinlock.c:191 __debug_check_no_obj_freed lib/debugobjects.c:977 [inline] debug_check_no_obj_freed+0x213/0x449 lib/debugobjects.c:998 kmem_cache_free+0x185/0x320 mm/slab.c:3693 putname+0xe1/0x120 fs/namei.c:259 filename_lookup+0x282/0x3e0 fs/namei.c:2362 nd_jump_link+0x360/0x360 fs/namei.c:895 __phys_addr_symbol+0x2c/0x70 arch/x86/mm/physaddr.c:42 overlaps mm/usercopy.c:110 [inline] check_kernel_text_object mm/usercopy.c:142 [inline] __check_object_size mm/usercopy.c:289 [inline] __check_object_size+0x171/0x437 mm/usercopy.c:256 audit_getname include/linux/audit.h:328 [inline] getname_flags fs/namei.c:202 [inline] getname_flags+0x275/0x5b0 fs/namei.c:128 security_prepare_creds+0xee/0x180 security/security.c:1604 user_path_at include/linux/namei.h:59 [inline] do_faccessat+0x248/0x7a0 fs/open.c:398 __ia32_sys_fallocate+0xf0/0xf0 fs/open.c:338 trace_hardirqs_off_caller+0x55/0x230 kernel/trace/trace_preemptirq.c:73 do_syscall_64+0xf6/0x7d0 arch/x86/entry/common.c:295 entry_SYSCALL_64_after_hwframe+0x49/0xb3 RIP: 0033:0x7fd1b4e5c9c7 Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007ffde416d3c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 RAX: ffffffffffffffda RBX: 00007ffde41702e0 RCX: 00007fd1b4e5c9c7 RDX: 00007fd1b58cda00 RSI: 0000000000000000 RDI: 000055c50c8009a3 RBP: 00007ffde416d400 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007ffde41702e0 R15: 00007ffde416d8f0