INFO: task syz-executor.3:16091 blocked for more than 140 seconds.
 Not tainted 4.9.141+ #23
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29816 16091 16088 0x20020000
 ffff8801c533df00 ffff8801ce0f3700 ffff8801ce0f5280 ffff8801d1cac740
 ffff8801db621018 ffff8801c8767b80 ffffffff828075c2 ffffffff842cf948
 ffffffff83ce1880 ffff8801c533e7d8 00000000000061b2 ffff8801db6218f0
Call Trace:
 [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pig=24092 comm=syz-executor.5
 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771
 [] do_wait_for_common kernel/sched/completion.c:75 [inline]
 [] __wait_for_common kernel/sched/completion.c:93 [inline]
 [] wait_for_common+0x3ef/0x5d0 kernel/sched/completion.c:101
futex_wake_op: syz-executor.5 tries to shift op by 1024; fix this program
 [] wait_for_completion+0x18/0x20 kernel/sched/completion.c:122
 [] SYSC_io_destroy fs/aio.c:1414 [inline]
 [] SyS_io_destroy+0x2c0/0x340 fs/aio.c:1392
 [] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline]
 [] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390
 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137

Showing all locks held in the system:
2 locks held by kworker/0:1/23:
 #0: ("events"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085
 #1: ((&rew.rew_work)){+.+...}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089
2 locks held by khungtaskd/24:
 #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/2025:
 #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1: (&ldata->atomic_read_lock){+.+...}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
4 locks held by kworker/u4:8/16249:
 #0: ("%s""netns"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085
 #1: (net_cleanup_work){+.+.+.}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089
 #2: (net_mutex){+.+.+.}, at: [] cleanup_net+0x13f/0x8b0 net/core/net_namespace.c:439
 #3: (rcu_preempt_state.barrier_mutex){+.+...}, at: [] _rcu_barrier+0x5d/0x340 kernel/rcu/tree.c:3637
1 lock held by syz-executor.0/24101:
 #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
1 lock held by syz-executor.0/24105:
 #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
2 locks held by syz-executor.3/24094:
 #0: (rtnl_mutex){+.+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
 #1: (rcu_preempt_state.exp_mutex){+.+...}, at: [] exp_funnel_lock kernel/rcu/tree_exp.h:256 [inline]
 #1: (rcu_preempt_state.exp_mutex){+.+...}, at: [] _synchronize_rcu_expedited+0x339/0x840 kernel/rcu/tree_exp.h:569
2 locks held by syz-executor.5/24108:
 #0: (sb_writers#4){.+.+.+}, at: [] sb_start_write include/linux/fs.h:1573 [inline]
 #0: (sb_writers#4){.+.+.+}, at: [] vfs_fallocate+0x2fe/0x620 fs/open.c:328
 #1: (&sb->s_type->i_mutex_key#9){++++++}, at: [] inode_lock include/linux/fs.h:766 [inline]
 #1: (&sb->s_type->i_mutex_key#9){++++++}, at: [] ext4_fallocate+0x1eb/0x1e80 fs/ext4/extents.c:4974

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #23
 ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40
 ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000003
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] nmi_cpu_backtrace.cold.0+0x48/0x87 lib/nmi_backtrace.c:99
 [] nmi_trigger_cpumask_backtrace+0x12c/0x151 lib/nmi_backtrace.c:60
 [] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [] check_hung_task kernel/hung_task.c:125 [inline]
 [] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
 [] kthread+0x26d/0x300 kernel/kthread.c:211
 [] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2092 Comm: syz-executor.3 Not tainted 4.9.141+ #23
task: ffff8801ceac17c0 task.stack: ffff8801aba20000
RIP: 0010:[] [] preempt_count arch/x86/include/asm/preempt.h:22 [inline]
RIP: 0010:[] [] check_kcov_mode kernel/kcov.c:66 [inline]
RIP: 0010:[] [] __sanitizer_cov_trace_pc+0x11/0x50 kernel/kcov.c:100
RSP: 0018:ffff8801aba27848 EFLAGS: 00000296
RAX: ffff8801ceac17c0 RBX: ffff8801c8e112d8 RCX: 1ffffffff05cec80
RDX: 0000000000000000 RSI: ffffffff819e980c RDI: ffffffff84235e58
RBP: ffff8801aba27848 R08: ffff8801ceac20b8 R09: d8a1064c1ba25689
R10: ffff8801ceac17c0 R11: 0000000000000001 R12: dffffc0000000000
R13: 00000000000000cf R14: 0000000000000002 R15: 00000000000000cf
FS: 0000000000000000(0000) GS:ffff8801db600000(0063) knlGS:00000000088ca900
CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
CR2: 00000000f5519db0 CR3: 00000001ab881000 CR4: 00000000001606b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff8801aba27880 ffffffff819e980c 1ffff10035744f18 0000000000000004
 ffff8801aba27980 0000000000000002 ffff8801aba27c98 ffff8801aba279a8
 ffffffff819edabe ffffffff819eda5e ffffffff81ba7d7b ffff8801ceac203c
Call Trace:
 [] avc_search_node security/selinux/avc.c:582 [inline]
 [] avc_lookup+0xcc/0x190 security/selinux/avc.c:610
 [] avc_has_perm_noaudit security/selinux/avc.c:1110 [inline]
 [] avc_has_perm+0xfe/0x3a0 security/selinux/avc.c:1146
 [] task_has_perm+0x1fc/0x330 security/selinux/hooks.c:1615
 [] selinux_task_wait+0x23/0x30 security/selinux/hooks.c:3954
 [] security_task_wait+0x73/0xb0 security/security.c:1032
 [] wait_consider_task+0x2a1/0x3620 kernel/exit.c:1377
 [] do_wait_thread kernel/exit.c:1490 [inline]
 [] do_wait+0x423/0x950 kernel/exit.c:1561
 [] SYSC_wait4 kernel/exit.c:1693 [inline]
 [] SyS_wait4+0x12b/0x1f0 kernel/exit.c:1658
 [] C_SYSC_wait4 kernel/compat.c:543 [inline]
 [] compat_SyS_wait4+0x254/0x290 kernel/compat.c:536
 [] sys32_waitpid+0x25/0x30 arch/x86/ia32/sys_ia32.c:172
 [] do_syscall_32_irqs_on arch/x86/entry/common.c:328 [inline]
 [] do_fast_syscall_32+0x2f1/0xa10 arch/x86/entry/common.c:390
 [] entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137
Code: e8 15 76 1d 00 e9 9e fe ff ff 4c 89 e7 e8 08 76 1d 00 e9 23 fe ff ff 0f 1f 00 55 48 89 e5 48 8b 75 08 65 48 8b 04 25 00 7e 01 00 <65> 8b 15 18 c3 cf 7e 81 e2 00 01 1f 00 75 2b 8b 90 38 12 00 00
futex_wake_op: syz-executor.5 tries to shift op by 1024; fix this program