device bridge_slave_1 left promiscuous mode bridge0: port 2(bridge_slave_1) entered disabled state device bridge_slave_0 left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state INFO: task kworker/1:1:22 blocked for more than 140 seconds. kobject: 'rx-0' (00000000fd0a1a17): kobject_cleanup, parent 000000000c646758 Not tainted 5.0.0-rc4+ #25 kobject: 'rx-0' (00000000fd0a1a17): auto cleanup 'remove' event "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kobject: 'rx-0' (00000000fd0a1a17): kobject_uevent_env kworker/1:1 D26256 22 2 0x80000000 kobject: 'rx-0' (00000000fd0a1a17): kobject_uevent_env: uevent_suppress caused the event to drop! Workqueue: events switchdev_deferred_process_work kobject: 'rx-0' (00000000fd0a1a17): auto cleanup kobject_del Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 kobject: 'rx-0' (00000000fd0a1a17): calling ktype release kobject: 'rx-0': free name kobject: 'tx-0' (000000008747c327): kobject_cleanup, parent 000000000c646758 kobject: 'tx-0' (000000008747c327): auto cleanup 'remove' event kobject: 'tx-0' (000000008747c327): kobject_uevent_env kobject: 'tx-0' (000000008747c327): kobject_uevent_env: uevent_suppress caused the event to drop! kobject: 'tx-0' (000000008747c327): auto cleanup kobject_del kobject: 'tx-0' (000000008747c327): calling ktype release kobject: 'tx-0': free name schedule+0x92/0x180 kernel/sched/core.c:3529 kobject: 'queues' (000000000c646758): kobject_cleanup, parent (null) schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 kobject: 'queues' (000000000c646758): calling ktype release __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 kobject: 'queues' (000000000c646758): kset_release kobject: 'queues': free name kobject: '103' (000000009175e4cb): kobject_uevent_env kobject: '103' (000000009175e4cb): kobject_uevent_env: uevent_suppress caused the event to drop! kobject: 'batman_adv' (0000000094a3f9bc): kobject_uevent_env kobject: 'batman_adv' (0000000094a3f9bc): kobject_uevent_env: filter function caused the event to drop! mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:150 kobject: 'batman_adv' (0000000094a3f9bc): kobject_cleanup, parent (null) process_one_work+0x98e/0x1760 kernel/workqueue.c:2153 kobject: 'batman_adv' (0000000094a3f9bc): calling ktype release worker_thread+0x98/0xe40 kernel/workqueue.c:2296 kobject: (0000000094a3f9bc): dynamic_kobj_release kobject: 'batman_adv': free name kthread+0x357/0x430 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task kworker/0:2:2980 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/0:2 D26624 2980 2 0x80000000 Workqueue: events linkwatch_event Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 linkwatch_event+0xf/0x70 net/core/link_watch.c:236 process_one_work+0x98e/0x1760 kernel/workqueue.c:2153 worker_thread+0x98/0xe40 kernel/workqueue.c:2296 kthread+0x357/0x430 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 INFO: task syz-executor3:29071 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor3 D23472 29071 7902 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 ieee80211_register_hw+0x1956/0x3d00 net/mac80211/main.c:1175 mac80211_hwsim_new_radio+0x1f0f/0x3dd0 drivers/net/wireless/mac80211_hwsim.c:2926 hwsim_new_radio_nl+0x9e3/0x1070 drivers/net/wireless/mac80211_hwsim.c:3474 genl_family_rcv_msg+0x6e1/0xd90 net/netlink/genetlink.c:601 genl_rcv_msg+0xca/0x16c net/netlink/genetlink.c:626 netlink_rcv_skb+0x17a/0x460 net/netlink/af_netlink.c:2485 genl_rcv+0x29/0x40 net/netlink/genetlink.c:637 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline] netlink_unicast+0x536/0x720 net/netlink/af_netlink.c:1336 netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1925 sock_sendmsg_nosec net/socket.c:621 [inline] sock_sendmsg+0xdd/0x130 net/socket.c:631 ___sys_sendmsg+0x806/0x930 net/socket.c:2138 __sys_sendmsg+0x105/0x1d0 net/socket.c:2176 __do_sys_sendmsg net/socket.c:2185 [inline] __se_sys_sendmsg net/socket.c:2183 [inline] __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2183 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007fc7f7a8ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000000000000 RSI: 0000000020000000 RDI: 000000000000000c RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc7f7a8f6d4 R13: 00000000004c538e R14: 00000000004d90c8 R15: 00000000ffffffff INFO: task syz-executor2:29088 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor2 D27152 29088 24599 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 netdev_run_todo+0x565/0x7d0 net/core/dev.c:8899 rtnl_unlock+0xe/0x10 net/core/rtnetlink.c:117 tun_detach drivers/net/tun.c:747 [inline] tun_chr_close+0xfc/0x180 drivers/net/tun.c:3436 __fput+0x2df/0x8d0 fs/file_table.c:278 ____fput+0x16/0x20 fs/file_table.c:309 task_work_run+0x14a/0x1c0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:166 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f225a17fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000020000780 RSI: 00000000400454ca RDI: 0000000000000006 RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f225a1806d4 R13: 00000000004c22e8 R14: 00000000004d4b80 R15: 00000000ffffffff INFO: task syz-executor0:29085 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor0 D26624 29085 28944 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 netdev_run_todo+0x565/0x7d0 net/core/dev.c:8899 rtnl_unlock+0xe/0x10 net/core/rtnetlink.c:117 tun_detach drivers/net/tun.c:747 [inline] tun_chr_close+0xfc/0x180 drivers/net/tun.c:3436 __fput+0x2df/0x8d0 fs/file_table.c:278 ____fput+0x16/0x20 fs/file_table.c:309 task_work_run+0x14a/0x1c0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:166 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f0710891c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000020000680 RSI: 00000000800454d7 RDI: 000000000000000c RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f07108926d4 R13: 00000000004c22a9 R14: 00000000004d4b38 R15: 00000000ffffffff INFO: task syz-executor0:29104 blocked for more than 140 seconds. kobject: 'rx-0' (0000000088669d00): kobject_cleanup, parent 0000000080003662 Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kobject: 'rx-0' (0000000088669d00): auto cleanup 'remove' event syz-executor0 D26960 29104 28944 0x00000004 Call Trace: kobject: 'rx-0' (0000000088669d00): kobject_uevent_env context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 kobject: 'rx-0' (0000000088669d00): kobject_uevent_env: uevent_suppress caused the event to drop! kobject: 'rx-0' (0000000088669d00): auto cleanup kobject_del schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 kobject: 'rx-0' (0000000088669d00): calling ktype release __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 kobject: 'rx-0': free name kobject: 'tx-0' (000000007169cbce): kobject_cleanup, parent 0000000080003662 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 kobject: 'tx-0' (000000007169cbce): auto cleanup 'remove' event kobject: 'tx-0' (000000007169cbce): kobject_uevent_env rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 kobject: 'tx-0' (000000007169cbce): kobject_uevent_env: uevent_suppress caused the event to drop! netdev_run_todo+0x565/0x7d0 net/core/dev.c:8899 kobject: 'tx-0' (000000007169cbce): auto cleanup kobject_del rtnl_unlock+0xe/0x10 net/core/rtnetlink.c:117 tun_detach drivers/net/tun.c:747 [inline] tun_chr_close+0xfc/0x180 drivers/net/tun.c:3436 __fput+0x2df/0x8d0 fs/file_table.c:278 kobject: 'tx-0' (000000007169cbce): calling ktype release ____fput+0x16/0x20 fs/file_table.c:309 task_work_run+0x14a/0x1c0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x273/0x2c0 arch/x86/entry/common.c:166 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x52d/0x610 arch/x86/entry/common.c:293 kobject: 'tx-0': free name entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. kobject: 'queues' (0000000080003662): kobject_cleanup, parent (null) RSP: 002b:00007f071082ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 kobject: 'queues' (0000000080003662): calling ktype release RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000457e39 kobject: 'queues' (0000000080003662): kset_release RDX: 0000000020000680 RSI: 00000000800454d7 RDI: 0000000000000007 kobject: 'queues': free name RBP: 000000000073c0e0 R08: 0000000000000000 R09: 0000000000000000 kobject: '102' (00000000facaffad): kobject_uevent_env R10: 0000000000000000 R11: 0000000000000246 R12: 00007f071082f6d4 kobject: '102' (00000000facaffad): kobject_uevent_env: uevent_suppress caused the event to drop! R13: 00000000004c22a9 R14: 00000000004d4b38 R15: 00000000ffffffff INFO: task syz-executor1:29132 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D29776 29132 20835 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 kobject: 'batman_adv' (000000004858949b): kobject_uevent_env schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 sock_do_ioctl+0x22d/0x320 net/socket.c:985 kobject: 'batman_adv' (000000004858949b): kobject_uevent_env: filter function caused the event to drop! kobject: 'batman_adv' (000000004858949b): kobject_cleanup, parent (null) sock_ioctl+0x331/0x620 net/socket.c:1096 kobject: 'batman_adv' (000000004858949b): calling ktype release kobject: (000000004858949b): dynamic_kobj_release kobject: 'batman_adv': free name vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:509 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:696 ksys_ioctl+0xab/0xd0 fs/ioctl.c:713 __do_sys_ioctl fs/ioctl.c:720 [inline] __se_sys_ioctl fs/ioctl.c:718 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:718 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f5174f85c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000005 RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5174f866d4 R13: 00000000004c12ed R14: 00000000004d30e0 R15: 00000000ffffffff INFO: task syz-executor1:29133 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28672 29133 20835 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock net/core/rtnetlink.c:77 [inline] rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 netlink_rcv_skb+0x17a/0x460 net/netlink/af_netlink.c:2485 rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5216 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline] netlink_unicast+0x536/0x720 net/netlink/af_netlink.c:1336 netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1925 sock_sendmsg_nosec net/socket.c:621 [inline] sock_sendmsg+0xdd/0x130 net/socket.c:631 ___sys_sendmsg+0x806/0x930 net/socket.c:2138 __sys_sendmsg+0x105/0x1d0 net/socket.c:2176 __do_sys_sendmsg net/socket.c:2185 [inline] __se_sys_sendmsg net/socket.c:2183 [inline] __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2183 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f5174f64c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003 RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5174f656d4 R13: 00000000004c538e R14: 00000000004d90c8 R15: 00000000ffffffff INFO: task syz-executor1:29142 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D29776 29142 20835 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 sock_do_ioctl+0x22d/0x320 net/socket.c:985 sock_ioctl+0x331/0x620 net/socket.c:1096 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:509 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:696 ksys_ioctl+0xab/0xd0 fs/ioctl.c:713 __do_sys_ioctl fs/ioctl.c:720 [inline] __se_sys_ioctl fs/ioctl.c:718 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:718 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f5174f22c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000000400200 RSI: 0000000000008912 RDI: 0000000000000008 RBP: 000000000073c180 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5174f236d4 R13: 00000000004c12ed R14: 00000000004d30e0 R15: 00000000ffffffff INFO: task syz-executor1:29143 blocked for more than 140 seconds. Not tainted 5.0.0-rc4+ #25 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor1 D28672 29143 20835 0x00000004 Call Trace: context_switch kernel/sched/core.c:2844 [inline] __schedule+0x817/0x1cc0 kernel/sched/core.c:3485 schedule+0x92/0x180 kernel/sched/core.c:3529 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587 __mutex_lock_common kernel/locking/mutex.c:1002 [inline] __mutex_lock+0x726/0x1310 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 rtnl_lock net/core/rtnetlink.c:77 [inline] rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 netlink_rcv_skb+0x17a/0x460 net/netlink/af_netlink.c:2485 rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5216 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline] netlink_unicast+0x536/0x720 net/netlink/af_netlink.c:1336 netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1925 sock_sendmsg_nosec net/socket.c:621 [inline] sock_sendmsg+0xdd/0x130 net/socket.c:631 ___sys_sendmsg+0x806/0x930 net/socket.c:2138 __sys_sendmsg+0x105/0x1d0 net/socket.c:2176 __do_sys_sendmsg net/socket.c:2185 [inline] __se_sys_sendmsg net/socket.c:2183 [inline] __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2183 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x457e39 Code: Bad RIP value. RSP: 002b:00007f5174f01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39 RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000006 RBP: 000000000073c220 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5174f026d4 R13: 00000000004c538e R14: 00000000004d90c8 R15: 00000000ffffffff Showing all locks held in the system: kobject: 'rx-0' (000000007e75e812): kobject_cleanup, parent 00000000b777222f 3 locks held by kworker/1:1/22: #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:220 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: process_one_work+0x87e/0x1760 kernel/workqueue.c:2124 kobject: 'rx-0' (000000007e75e812): auto cleanup 'remove' event #1: 0000000080f650a4 (deferred_process_work){+.+.}, at: process_one_work+0x8b4/0x1760 kernel/workqueue.c:2128 kobject: 'rx-0' (000000007e75e812): kobject_uevent_env #2: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by khungtaskd/1039: kobject: 'rx-0' (000000007e75e812): kobject_uevent_env: uevent_suppress caused the event to drop! #0: 00000000c3c4b2a3 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:4389 kobject: 'rx-0' (000000007e75e812): auto cleanup kobject_del 3 locks held by kworker/0:2/2980: kobject: 'rx-0' (000000007e75e812): calling ktype release #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:220 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 000000001079f67a ((wq_completion)"events"){+.+.}, at: process_one_work+0x87e/0x1760 kernel/workqueue.c:2124 #1: 00000000f14f89e9 ((linkwatch_work).work){+.+.}, at: process_one_work+0x8b4/0x1760 kernel/workqueue.c:2128 #2: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 2 locks held by getty/7858: #0: 000000006e2c9ce7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000e07adea2 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 kobject: 'rx-0': free name 2 locks held by getty/7859: kobject: 'tx-0' (00000000bc939fb2): kobject_cleanup, parent 00000000b777222f #0: 0000000005d189d3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000022aff0bf (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 kobject: 'tx-0' (00000000bc939fb2): auto cleanup 'remove' event 2 locks held by getty/7860: kobject: 'tx-0' (00000000bc939fb2): kobject_uevent_env #0: 00000000f9332073 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000002657ecc2 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 2 locks held by getty/7861: #0: 00000000681c7916 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000c1ea949b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 2 locks held by getty/7862: kobject: 'tx-0' (00000000bc939fb2): kobject_uevent_env: uevent_suppress caused the event to drop! #0: 000000008b90cfc7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 kobject: 'tx-0' (00000000bc939fb2): auto cleanup kobject_del #1: 000000009779514d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 2 locks held by getty/7863: #0: 0000000052020a0b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000a2fa1e9c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 2 locks held by getty/7864: #0: 00000000d56734f4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 kobject: 'tx-0' (00000000bc939fb2): calling ktype release #1: 000000003b19fa7c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2154 kobject: 'tx-0': free name 7 locks held by kworker/u4:7/10225: kobject: 'queues' (00000000b777222f): kobject_cleanup, parent (null) 3 locks held by kworker/1:4/23369: kobject: 'queues' (00000000b777222f): calling ktype release #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: __write_once_size include/linux/compiler.h:220 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 000000007c3e9df6 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x87e/0x1760 kernel/workqueue.c:2124 kobject: 'queues' (00000000b777222f): kset_release #1: 00000000ef895dd2 ((addr_chk_work).work){+.+.}, at: process_one_work+0x8b4/0x1760 kernel/workqueue.c:2128 kobject: 'queues': free name #2: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 kobject: '101' (00000000c6804701): kobject_uevent_env 3 locks held by syz-executor3/29071: kobject: '101' (00000000c6804701): kobject_uevent_env: uevent_suppress caused the event to drop! #0: 000000001659b975 (cb_lock){++++}, at: genl_rcv+0x1a/0x40 net/netlink/genetlink.c:636 #1: 00000000b4821dd2 (genl_mutex){+.+.}, at: genl_lock net/netlink/genetlink.c:33 [inline] #1: 00000000b4821dd2 (genl_mutex){+.+.}, at: genl_rcv_msg+0x13e/0x16c net/netlink/genetlink.c:624 #2: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor2/29088: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor0/29085: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor0/29104: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor1/29132: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor1/29133: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:77 [inline] #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 1 lock held by syz-executor1/29142: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 1 lock held by syz-executor1/29143: kobject: 'batman_adv' (000000000c11e742): kobject_uevent_env #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:77 [inline] #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 1 lock held by syz-executor5/29136: kobject: 'batman_adv' (000000000c11e742): kobject_uevent_env: filter function caused the event to drop! #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:77 [inline] #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 kobject: 'batman_adv' (000000000c11e742): kobject_cleanup, parent (null) 1 lock held by syz-executor5/29138: #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock net/core/rtnetlink.c:77 [inline] #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x40a/0xb00 net/core/rtnetlink.c:5195 1 lock held by syz-executor4/29140: kobject: 'batman_adv' (000000000c11e742): calling ktype release #0: 00000000754586b9 (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77 kobject: (000000000c11e742): dynamic_kobj_release ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1039 Comm: khungtaskd Not tainted 5.0.0-rc4+ #25 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101 kobject: 'batman_adv': free name nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline] watchdog+0x9df/0xee0 kernel/hung_task.c:287 kthread+0x357/0x430 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x2/0x10 arch/x86/include/asm/irqflags.h:57