ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
Bluetooth: hci3: command 0x0406 tx timeout
INFO: task kworker/0:3:9123 blocked for more than 140 seconds.
Not tainted 4.19.177-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/0:3 D26024 9123 2 0x80000000
Workqueue: events proc_cleanup_work
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
_synchronize_rcu_expedited+0x256/0x6f0 kernel/rcu/tree_exp.h:667
synchronize_rcu+0xc6/0x160 kernel/rcu/tree_plugin.h:818
kern_unmount fs/namespace.c:3272 [inline]
kern_unmount+0x67/0xe0 fs/namespace.c:3267
process_one_work+0x864/0x1570 kernel/workqueue.c:2152
worker_thread+0x64c/0x1130 kernel/workqueue.c:2295
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
INFO: task syz-executor.0:10138 blocked for more than 140 seconds.
Not tainted 4.19.177-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D28288 10138 8135 0x80000002 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline] rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x4f/0x90 kernel/locking/rwsem.c:72 unregister_netdevice_notifier+0x7b/0x330 net/core/dev.c:1708 raw_release+0x58/0x820 net/can/raw.c:358 __sock_release+0xcd/0x2a0 net/socket.c:579 watchdog: BUG: soft lockup - CPU#1 stuck for 134s! [syz-executor.3:28107] Modules linked in: irq event stamp: 19339059 sock_close+0x15/0x20 net/socket.c:1140 hardirqs last enabled at (19339058): [] trace_hardirqs_on_thunk+0x1a/0x1c hardirqs last disabled at (19339059): [] trace_hardirqs_off_thunk+0x1a/0x1c __fput+0x2ce/0x890 fs/file_table.c:278 softirqs last enabled at (19335018): [] __do_softirq+0x678/0x980 kernel/softirq.c:318 softirqs last disabled at (19335021): [] invoke_softirq kernel/softirq.c:372 [inline] softirqs last disabled at (19335021): [] irq_exit+0x215/0x260 kernel/softirq.c:412 CPU: 1 PID: 28107 Comm: syz-executor.3 Not tainted 4.19.177-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:preempt_count_add+0x56/0x190 kernel/sched/core.c:3238 Code: 08 84 d2 0f 85 2a 01 00 00 8b 0d 35 46 e2 0b 85 c9 75 07 65 8b 05 da 6d c0 7e 48 b8 00 00 00 00 00 fc ff df 48 89 da 83 e3 07 <48> c1 ea 03 83 c3 03 65 01 2d bc 6d c0 7e 0f b6 04 02 38 c3 7c 08 RSP: 0018:ffff8880ba107d08 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffffffff8d23b760 RSI: 0000000000000004 RDI: 0000000000000001 RBP: 0000000000000001 R08: 0000000000000000 R09: ffffed1017424552 R10: ffff8880ba122a93 R11: 0000000000000000 R12: 
ffff888052ff8524 R13: ffff888049df4398 R14: 0000000000000000 R15: ffff888049df4280 FS: 00007ff87defe700(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc4d4927f60 CR3: 0000000009e6d000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1076 [inline] rcu_lockdep_current_cpu_online+0x32/0x1b0 kernel/rcu/tree.c:1068 rcu_read_lock_sched_held+0xd3/0x1d0 kernel/rcu/update.c:115 trace_consume_skb include/trace/events/skb.h:37 [inline] consume_skb+0x322/0x3d0 net/core/skbuff.c:713 mac80211_hwsim_tx_frame+0x133/0x210 drivers/net/wireless/mac80211_hwsim.c:1557 task_work_run+0x148/0x1c0 kernel/task_work.c:113 mac80211_hwsim_beacon_tx+0x3f8/0x680 drivers/net/wireless/mac80211_hwsim.c:1595 exit_task_work include/linux/task_work.h:22 [inline] do_exit+0xbf3/0x2be0 kernel/exit.c:870 __iterate_interfaces+0x2e1/0x4a0 net/mac80211/util.c:614 ieee80211_iterate_active_interfaces_atomic+0x8d/0x170 net/mac80211/util.c:650 mac80211_hwsim_beacon+0xc9/0x190 drivers/net/wireless/mac80211_hwsim.c:1615 __tasklet_hrtimer_trampoline+0x29/0xa0 kernel/softirq.c:601 tasklet_action_common.constprop.0+0x265/0x360 kernel/softirq.c:522 __do_softirq+0x265/0x980 kernel/softirq.c:292 invoke_softirq kernel/softirq.c:372 [inline] irq_exit+0x215/0x260 kernel/softirq.c:412 exiting_irq arch/x86/include/asm/apic.h:535 [inline] smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1098 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894 RIP: 0010:pte_val arch/x86/include/asm/paravirt.h:389 [inline] RIP: 0010:pte_pfn arch/x86/include/asm/pgtable.h:197 [inline] RIP: 0010:_vm_normal_page+0x81/0x510 mm/memory.c:834 Code: 65 48 8b 04 25 28 00 00 00 48 89 44 24 68 31 c0 48 89 54 24 30 e8 3f 1b d7 ff 4c 8d 7c 24 30 4c 89 f8 48 c1 e8 03 80 3c 18 00 <0f> 85 16 04 00 00 48 c7 
c0 b8 14 cf 89 4c 8b 64 24 30 48 ba 00 00 RSP: 0018:ffff888031eff6c8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 RAX: 1ffff110063dfedf RBX: dffffc0000000000 RCX: 0000000000000001 RDX: 0000000000000000 RSI: ffffffff818b43e1 RDI: ffff88809b52b420 RBP: 1ffff110063dfedb R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000005 R11: 0000000000000000 R12: 80000000aa506007 R13: ffff88809b52b420 R14: 00007ff87ecd5000 R15: ffff888031eff6f8 zap_pte_range mm/memory.c:1323 [inline] zap_pmd_range mm/memory.c:1452 [inline] zap_pud_range mm/memory.c:1481 [inline] zap_p4d_range mm/memory.c:1502 [inline] unmap_page_range+0xfba/0x2a70 mm/memory.c:1523 unmap_single_vma+0x198/0x300 mm/memory.c:1568 unmap_vmas+0xa9/0x180 mm/memory.c:1598 exit_mmap+0x2b9/0x530 mm/mmap.c:3093 __mmput kernel/fork.c:1015 [inline] mmput+0x14e/0x4a0 kernel/fork.c:1036 exit_mm kernel/exit.c:549 [inline] do_exit+0xaec/0x2be0 kernel/exit.c:857 do_group_exit+0x125/0x310 kernel/exit.c:967 get_signal+0x3f2/0x1f70 kernel/signal.c:2589 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:821 do_group_exit+0x125/0x310 kernel/exit.c:967 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline] syscall_return_slowpath arch/x86/entry/common.c:271 [inline] do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x465ef9 Code: Bad RIP value. 
RSP: 002b:00007ff87defe188 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 RAX: 0000000000000010 RBX: 000000000056bf60 RCX: 0000000000465ef9 RDX: 0400000000000010 RSI: 0000000020007fc0 RDI: 0000000000000003 RBP: 00000000004bcd1c R08: 0000000000000000 R09: 0000000000000000 R10: 2000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007fffaf55834f R14: 00007ff87defe300 R15: 0000000000022000 Sending NMI from CPU 1 to CPUs 0: get_signal+0x3f2/0x1f70 kernel/signal.c:2589 NMI backtrace for cpu 0 CPU: 0 PID: 1562 Comm: khungtaskd Not tainted 4.19.177-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1080 [inline] RIP: 0010:rcu_lockdep_current_cpu_online+0xfd/0x1b0 kernel/rcu/tree.c:1068 Code: cf 89 48 8d 7b 20 48 89 f8 48 c1 e8 03 80 3c 28 00 0f 85 a8 00 00 00 48 8d 7b 28 4c 8b 6b 20 48 89 f8 48 c1 e8 03 80 3c 28 00 <0f> 85 99 00 00 00 49 8d 7d 68 48 8b 5b 28 48 89 f8 48 c1 e8 03 80 RSP: 0018:ffff8880ba007f80 EFLAGS: 00000046 RAX: 1ffff110174057c5 RBX: ffff8880ba02be00 RCX: ffffffff8375a0c3 RDX: 1ffffffff139e1e0 RSI: ffffffff8375a0d1 RDI: ffff8880ba02be28 RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000005 R11: ffffffff8c65d01b R12: ffffffff89f88080 R13: ffffffff89f88080 R14: 0000000000000000 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ff912975020 CR3: 000000009e526000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_read_lock_sched_held+0xd3/0x1d0 kernel/rcu/update.c:115 trace_local_timer_entry arch/x86/include/asm/trace/irq_vectors.h:56 [inline] smp_apic_timer_interrupt+0x3fb/0x550 arch/x86/kernel/apic/apic.c:1095 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894 RIP: 
0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline] RIP: 0010:console_trylock_spinning kernel/printk/printk.c:1724 [inline] RIP: 0010:vprintk_emit+0x668/0x740 kernel/printk/printk.c:1964 Code: 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 0f 85 d9 00 00 00 48 83 3d 6c bd a3 08 00 74 37 e8 7d 9a 14 00 48 89 df 57 9d <0f> 1f 44 00 00 e9 82 fe ff ff e8 69 9a 14 00 0f 0b e8 62 9a 14 00 RSP: 0018:ffff8880b288fbe8 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 RAX: ffff8880b287a640 RBX: 0000000000000293 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffffffff814dc4a3 RDI: 0000000000000293 RBP: ffff8880b288fc28 R08: ffffffff8cd485f0 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000018 R13: 1ffffffff13e3041 R14: 0000000000000200 R15: 0000000000000001 vprintk_func+0x79/0x180 kernel/printk/printk_safe.c:397 printk+0xba/0xed kernel/printk/printk.c:2040 printk_stack_address arch/x86/kernel/dumpstack.c:71 [inline] show_trace_log_lvl+0x21e/0x2b4 arch/x86/kernel/dumpstack.c:258 sched_show_task.cold+0x332/0x396 kernel/sched/core.c:5337 check_hung_task kernel/hung_task.c:136 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline] watchdog.cold+0xb1/0xc4 kernel/hung_task.c:287 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415