IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE INFO: task syz-executor.1:24881 blocked for more than 140 seconds. Not tainted 4.9.181+ #7 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D27944 24881 20902 0x00000000 0000000000000087 ffff8801c4c9df00 0000000000000000 ffff8801db721000 ffff8801da6f2f80 ffff8801db721018 ffff8801c7787680 ffffffff82809dbe 0000000000000246 ffff8801c4c9df00 0000000000000000 ffff8801db7218f0 Call Trace: [<00000000d5a464a6>] schedule+0x92/0x1c0 kernel/sched/core.c:3546 [<000000004bb91768>] __rt_mutex_slowlock+0x99/0x290 kernel/locking/rtmutex.c:1221 [<00000000f782797c>] rt_mutex_slowlock+0x199/0x4c0 kernel/locking/rtmutex.c:1293 [<00000000290aa5a8>] rt_mutex_fastlock kernel/locking/rtmutex.c:1439 [inline] [<00000000290aa5a8>] rt_mutex_lock+0x2d/0x40 kernel/locking/rtmutex.c:1499 [<00000000b7f572c7>] process_notifier drivers/misc/uid_sys_stats.c:636 [inline] [<00000000b7f572c7>] process_notifier+0x96/0x670 drivers/misc/uid_sys_stats.c:625 [<0000000019a40717>] notifier_call_chain+0xb4/0x1d0 kernel/notifier.c:93 [<0000000083fb691a>] __blocking_notifier_call_chain kernel/notifier.c:317 [inline] [<0000000083fb691a>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] [<0000000083fb691a>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] [<0000000083fb691a>] blocking_notifier_call_chain+0x80/0xa0 kernel/notifier.c:325 [<00000000c614522e>] profile_task_exit+0x1f/0x30 kernel/profile.c:140 [<000000002275e517>] do_exit+0x90/0x2aa0 kernel/exit.c:744 [<00000000be7f336c>] do_group_exit+0x111/0x300 kernel/exit.c:945 [<0000000031a320c9>] get_signal+0x377/0x1cb0 kernel/signal.c:2382 [<000000004ff3a5e5>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000003bd5b28>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<00000000b014260d>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<00000000b014260d>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<00000000b014260d>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000043986c6>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [<000000006d47484a>] check_hung_uninterruptible_tasks kernel/hung_task.c:169 [inline] #0: (rcu_read_lock){......}, at: [<000000006d47484a>] watchdog+0x14b/0xaf0 kernel/hung_task.c:263 #1: (tasklist_lock){.+.+..}, at: [<00000000d3629c71>] debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4336 2 locks held by rs:main Q:Reg/1898: #0: (&f->f_pos_lock){+.+.+.}, at: [<00000000dc00ae97>] __fdget_pos+0xa8/0xd0 fs/file.c:782 #1: (sb_writers#4){.+.+.+}, at: [<0000000081588577>] file_start_write include/linux/fs.h:2646 [inline] #1: (sb_writers#4){.+.+.+}, at: [<0000000081588577>] vfs_write+0x3e9/0x520 fs/read_write.c:558 1 lock held by rsyslogd/1901: #0: (&f->f_pos_lock){+.+.+.}, at: [<00000000dc00ae97>] __fdget_pos+0xa8/0xd0 fs/file.c:782 2 locks held by getty/2028: #0: (&tty->ldisc_sem){++++++}, at: [<00000000b30c69ff>] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377 #1: (&ldata->atomic_read_lock){+.+.+.}, at: [<0000000032a424b9>] n_tty_read+0x1fe/0x1820 drivers/tty/n_tty.c:2156 1 lock held by syz-executor.3/16992: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.2/11638: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 2 locks held by kworker/u4:26/17150: #0: ("events_unbound"){.+.+.+}, at: [<00000000e4ad8fa0>] process_one_work+0x790/0x1600 kernel/workqueue.c:2107 #1: ((&sub_info->work)){+.+.+.}, at: [<00000000d7cedfef>] process_one_work+0x7ce/0x1600 kernel/workqueue.c:2111 1 lock held by syz-executor.1/20901: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.1/24881: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.1/24888: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.1/24892: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.1/24925: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.2/24912: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.3/24914: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.3/24915: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by syz-executor.3/24919: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 1 lock held by modprobe/24927: #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:316 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain kernel/notifier.c:328 [inline] #0: ((task_exit_notifier).rwsem){.+.+..}, at: [<0000000076430722>] blocking_notifier_call_chain+0x6a/0xa0 kernel/notifier.c:325 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 24 Comm: khungtaskd Not tainted 4.9.181+ #7 ffff8801d98efcc8 ffffffff81b57db1 0000000000000000 0000000000000000 0000000000000000 ffffffff81099901 dffffc0000000000 ffff8801d98efd00 ffffffff81b6304c 0000000000000000 0000000000000000 0000000000000000 Call Trace: [<00000000b33224b9>] __dump_stack lib/dump_stack.c:15 [inline] [<00000000b33224b9>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<0000000069982ad9>] nmi_cpu_backtrace.cold+0x47/0x87 lib/nmi_backtrace.c:99 [<00000000e9414898>] nmi_trigger_cpumask_backtrace+0x124/0x155 lib/nmi_backtrace.c:60 [<00000000e86e7e04>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37 [<0000000063adb7e4>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline] [<0000000063adb7e4>] check_hung_task kernel/hung_task.c:126 [inline] [<0000000063adb7e4>] check_hung_uninterruptible_tasks kernel/hung_task.c:183 [inline] [<0000000063adb7e4>] watchdog+0x670/0xaf0 kernel/hung_task.c:263 [<0000000049b157bc>] kthread+0x278/0x310 kernel/kthread.c:211 [<00000000504b542c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 skipped: idling at pc 0xffffffff82818f11