[21484] 0 21484 18243 8753 30 4 0 0 syz-executor.2 [21646] 0 21646 18243 8757 29 4 0 0 syz-executor.2 [21683] 0 21683 18210 8750 27 4 0 0 syz-executor.1 [21700] 0 21700 18210 8754 26 5 0 0 syz-executor.3 INFO: task kworker/0:1:22 blocked for more than 140 seconds. [21748] 0 21748 18144 8716 25 3 0 0 syz-executor.4 Not tainted 4.14.149+ #0 [21753] 0 21753 18243 10317 34 4 0 0 syz-executor.2 [21760] 0 21760 18243 8725 28 3 0 0 syz-executor.4 [21797] 0 21797 18144 8716 25 3 0 0 syz-executor.4 [21922] 0 21922 18144 8749 26 4 0 0 syz-executor.4 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [21966] 0 21966 18177 8718 28 3 0 0 syz-executor.0 kworker/0:1 D26912 22 2 0x80000000 Workqueue: events linkwatch_event Call Trace: [22000] 0 22000 18309 8726 28 3 0 0 syz-executor.0 [22023] 0 22023 18177 8750 26 4 0 0 syz-executor.2 [22064] 0 22064 18177 8749 27 5 0 0 syz-executor.3 schedule+0x92/0x1c0 kernel/sched/core.c:3498 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556 [22085] 0 22085 18144 8750 28 4 0 0 syz-executor.4 [22178] 0 22178 18309 8758 26 5 0 0 syz-executor.3 [22362] 0 22362 18243 11190 30 4 0 0 syz-executor.1 [22481] 0 22481 18144 8748 26 4 0 0 syz-executor.2 [22575] 0 22575 18177 8748 26 5 0 0 syz-executor.3 __mutex_lock_common kernel/locking/mutex.c:833 [inline] __mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893 [22929] 0 22929 18144 8749 26 4 0 0 syz-executor.2 [22999] 0 22999 34628 8763 28 5 0 0 syz-executor.3 [23105] 0 23105 18177 8748 26 5 0 0 syz-executor.3 linkwatch_event+0xa/0x50 net/core/link_watch.c:236 process_one_work+0x7f1/0x1580 kernel/workqueue.c:2134 worker_thread+0xdd/0xdf0 kernel/workqueue.c:2271 kthread+0x31f/0x430 kernel/kthread.c:232 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404 INFO: task kworker/u4:3:1865 blocked for more than 140 seconds. Not tainted 4.14.149+ #0 [23108] 0 23108 18144 8747 26 5 0 0 syz-executor.3 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:3 D25696 1865 2 0x80000000 [23226] 0 23226 18144 8716 25 3 0 0 syz-executor.2 Workqueue: netns cleanup_net Call Trace: [23228] 0 23228 18177 8718 25 3 0 0 syz-executor.2 [23291] 0 23291 18177 8747 26 4 0 0 syz-executor.1 [23449] 0 23449 18177 8749 26 4 0 0 syz-executor.2 schedule+0x92/0x1c0 kernel/sched/core.c:3498 [23512] 0 23512 18144 8747 26 5 0 0 syz-executor.3 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556 __mutex_lock_common kernel/locking/mutex.c:833 [inline] __mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893 [23557] 0 23557 18210 8774 27 4 0 0 syz-executor.4 [23605] 0 23605 18210 8774 27 4 0 0 syz-executor.4 [23620] 0 23620 18177 8750 26 4 0 0 syz-executor.4 raw_close+0xe/0x30 net/ipv4/raw.c:699 inet_release+0xe9/0x1c0 net/ipv4/af_inet.c:423 __sock_release+0x206/0x2c0 net/socket.c:602 [23676] 0 23676 18177 13229 32 3 0 0 syz-executor.4 inet_ctl_sock_destroy include/net/inet_common.h:52 [inline] tcp_sk_exit+0x103/0x1b0 net/ipv4/tcp_ipv4.c:2447 ops_exit_list.isra.0+0xa8/0x150 net/core/net_namespace.c:142 [23690] 0 23690 18208 13229 32 3 0 0 syz-executor.4 cleanup_net+0x3ce/0x870 net/core/net_namespace.c:484 [23709] 0 23709 18144 8744 26 4 0 0 syz-executor.1 [23818] 0 23818 18144 8704 24 3 0 0 syz-executor.0 process_one_work+0x7f1/0x1580 kernel/workqueue.c:2134 [23944] 0 23944 18177 8750 26 4 0 0 syz-executor.4 worker_thread+0xdd/0xdf0 kernel/workqueue.c:2271 kthread+0x31f/0x430 kernel/kthread.c:232 [24194] 0 24194 18177 8749 27 5 0 0 syz-executor.3 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404 [24542] 0 24542 18144 8716 25 3 0 0 syz-executor.2 INFO: task syz-executor.2:29295 blocked for more than 140 seconds. Not tainted 4.14.149+ #0 [24561] 0 24561 18177 8750 26 4 0 0 syz-executor.2 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [24777] 0 24777 18144 8716 25 3 0 0 syz-executor.4 [24794] 0 24794 18210 8722 25 3 0 0 syz-executor.4 [24902] 0 24902 18144 8745 26 4 0 0 syz-executor.1 [24962] 0 24962 18177 8750 26 5 0 0 syz-executor.3 [25008] 0 25008 18177 8716 26 3 0 0 syz-executor.0 [25031] 0 25031 18276 8722 26 3 0 0 syz-executor.0 [25139] 0 25139 18144 8747 26 5 0 0 syz-executor.3 [25194] 0 25194 18243 8756 28 5 0 0 syz-executor.3 [25202] 0 25202 18243 8756 28 5 0 0 syz-executor.3 [25205] 0 25205 18144 8712 25 3 0 0 syz-executor.1 syz-executor.2 D27680 29295 28097 0x80000006 Call Trace: [25208] 0 25208 18177 8714 25 3 0 0 syz-executor.1 [25705] 0 25705 18177 8751 28 4 0 0 syz-executor.4 schedule+0x92/0x1c0 kernel/sched/core.c:3498 _synchronize_rcu_expedited+0x5a8/0x840 kernel/rcu/tree_exp.h:615 [25730] 0 25730 18178 8749 26 4 0 0 syz-executor.4 [26011] 0 26011 18210 8753 29 4 0 0 syz-executor.1 [26145] 0 26145 18144 8746 26 4 0 0 syz-executor.0 [26354] 0 26354 18276 8757 27 4 0 0 syz-executor.2 [26440] 0 26440 18144 8749 27 4 0 0 syz-executor.4 [26463] 0 26463 18211 10479 34 4 0 0 syz-executor.2 [26493] 0 26493 18244 10017 34 4 0 0 syz-executor.2 [26502] 0 26502 18177 13260 33 4 0 0 syz-executor.3 [26632] 0 26632 18144 8714 24 3 0 0 syz-executor.4 [26649] 0 26649 18177 8717 25 3 0 0 syz-executor.4 [26696] 0 26696 18309 8761 28 4 0 0 syz-executor.4 [26744] 0 26744 18309 8761 28 4 0 0 syz-executor.4 [26780] 0 26780 18309 8771 29 4 0 0 syz-executor.5 synchronize_net+0x2b/0x40 net/core/dev.c:8222 dev_deactivate_many+0x3cf/0x980 net/sched/sch_generic.c:935 __dev_close_many+0x10a/0x260 net/core/dev.c:1441 [26930] 0 26930 18177 8750 26 4 0 0 syz-executor.5 [27089] 0 27089 18177 8749 27 4 0 0 syz-executor.5 [27223] 0 27223 18177 8749 26 5 0 0 syz-executor.3 dev_close_many+0x215/0x600 net/core/dev.c:1479 [27404] 0 27404 18177 8717 25 3 0 0 syz-executor.5 rollback_registered_many+0x35b/0xab0 net/core/dev.c:7191 [27411] 0 27411 18210 8720 25 3 0 0 syz-executor.5 rollback_registered+0xe6/0x1a0 net/core/dev.c:7255 unregister_netdevice_queue net/core/dev.c:8248 [inline] unregister_netdevice_queue+0x1a1/0x220 net/core/dev.c:8241 unregister_netdevice include/linux/netdevice.h:2437 [inline] __tun_detach+0xa9d/0xcf0 drivers/net/tun.c:576 tun_detach drivers/net/tun.c:586 [inline] tun_chr_close+0x41/0x60 drivers/net/tun.c:2660 __fput+0x25e/0x710 fs/file_table.c:210 task_work_run+0x125/0x1a0 kernel/task_work.c:113 [27436] 0 27436 18177 8751 26 4 0 0 syz-executor.2 exit_task_work include/linux/task_work.h:22 [inline] do_exit+0x9cb/0x2a20 kernel/exit.c:875 [27497] 0 27497 18277 11348 33 4 0 0 syz-executor.5 do_group_exit+0x100/0x2e0 kernel/exit.c:978 get_signal+0x39f/0x1cc0 kernel/signal.c:2422 [27514] 0 27514 18277 11617 33 4 0 0 syz-executor.5 do_signal+0x96/0x15d0 arch/x86/kernel/signal.c:814 [27528] 0 27528 18243 9634 27 4 0 0 syz-executor.5 [27537] 0 27537 18243 9400 27 4 0 0 syz-executor.5 [27605] 0 27605 18277 12034 34 4 0 0 syz-executor.0 exit_to_usermode_loop+0x11d/0x160 arch/x86/entry/common.c:160 [27618] 0 27618 18244 10856 33 4 0 0 syz-executor.5 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline] syscall_return_slowpath arch/x86/entry/common.c:270 [inline] do_syscall_64+0x3a3/0x520 arch/x86/entry/common.c:297 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x459a59 RSP: 002b:00007ff0569a8cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [27683] 0 27683 18243 9563 28 4 0 0 syz-executor.4 [27689] 0 27689 18244 11714 34 4 0 0 syz-executor.0 RAX: fffffffffffffe00 RBX: 000000000075c1c8 RCX: 0000000000459a59 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075c1c8 RBP: 000000000075c1c0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075c1cc [27768] 0 27768 18276 9628 28 4 0 0 syz-executor.0 [27822] 0 27822 18277 11549 34 4 0 0 syz-executor.0 R13: 00007ffeb06f3a7f R14: 00007ff0569a99c0 R15: 000000000075c1cc [27855] 0 27855 18244 11375 34 4 0 0 syz-executor.4 [27917] 0 27917 18244 12847 33 5 0 0 syz-executor.3 [27962] 0 27962 18277 12848 34 4 0 0 syz-executor.0 Showing all locks held in the system: 1 lock held by init/1: [28026] 0 28026 18276 9864 28 5 0 0 syz-executor.3 #0: (&ei->i_mmap_sem){++++}, at: [<00000000f04a7e86>] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6232 3 locks held by kworker/1:0/18: #0: ("%s"("ipv6_addrconf")){+.+.}, at: [<0000000072f6bece>] process_one_work+0x6ff/0x1580 kernel/workqueue.c:2105 #1: ((addr_chk_work).work){+.+.}, at: [<00000000987d21e6>] process_one_work+0x735/0x1580 kernel/workqueue.c:2109 #2: (rtnl_mutex){+.+.}, at: [<000000002ad792bf>] addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4431 3 locks held by kworker/0:1/22: #0: ("events"){+.+.}, at: [<0000000072f6bece>] process_one_work+0x6ff/0x1580 kernel/workqueue.c:2105 [28058] 0 28058 18277 12848 34 4 0 0 syz-executor.0 #1: ((linkwatch_work).work){+.+.}, at: [<00000000987d21e6>] process_one_work+0x735/0x1580 kernel/workqueue.c:2109 #2: (rtnl_mutex){+.+.}, at: [<0000000053a3dae9>] linkwatch_event+0xa/0x50 net/core/link_watch.c:236 1 lock held by khungtaskd/23: #0: (tasklist_lock){.+.+}, at: [<000000004da43c95>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4544 2 locks held by getty/1772: #0: (&tty->ldisc_sem){++++}, at: [<00000000bfed1f33>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284 #1: (&ldata->atomic_read_lock){+.+.}, at: [<000000006fb4692d>] n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156 1 lock held by syz-fuzzer/1804: #0: (&ei->i_mmap_sem){++++}, at: [<00000000f04a7e86>] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6232 4 locks held by kworker/u4:3/1865: #0: ("%s""netns"){+.+.}, at: [<0000000072f6bece>] process_one_work+0x6ff/0x1580 kernel/workqueue.c:2105 #1: (net_cleanup_work){+.+.}, at: [<00000000987d21e6>] process_one_work+0x735/0x1580 kernel/workqueue.c:2109 #2: (net_mutex){+.+.}, at: [<00000000f8635470>] cleanup_net+0x136/0x870 net/core/net_namespace.c:450 #3: (rtnl_mutex){+.+.}, at: [<00000000be657a6b>] raw_close+0xe/0x30 net/ipv4/raw.c:699 1 lock held by syz-executor.3/19505: #0: (&xt[i].mutex){+.+.}, at: [<000000003e9c608d>] xt_find_table_lock+0x35/0x3d0 net/netfilter/x_tables.c:1092 [28074] 0 28074 18244 12848 34 4 0 0 syz-executor.4 1 lock held by syz-executor.5/13455: #0: (&xt[i].mutex){+.+.}, at: [<000000003e9c608d>] xt_find_table_lock+0x35/0x3d0 net/netfilter/x_tables.c:1092 1 lock held by syz-executor.2/28097: #0: (&type->i_mutex_dir_key#3){++++}, at: [<000000003896c0bf>] inode_lock_shared include/linux/fs.h:734 [inline] #0: (&type->i_mutex_dir_key#3){++++}, at: [<000000003896c0bf>] lookup_slow+0x140/0x440 fs/namei.c:1772 2 locks held by syz-executor.2/29295: #0: (rtnl_mutex){+.+.}, at: [<00000000bc73feed>] tun_detach drivers/net/tun.c:585 [inline] #0: (rtnl_mutex){+.+.}, at: [<00000000bc73feed>] tun_chr_close+0x34/0x60 drivers/net/tun.c:2660 [28090] 0 28090 18244 12848 34 4 0 0 syz-executor.2 #1: (rcu_preempt_state.exp_mutex){+.+.}, at: [<00000000995b577c>] exp_funnel_lock kernel/rcu/tree_exp.h:272 [inline] #1: (rcu_preempt_state.exp_mutex){+.+.}, at: [<00000000995b577c>] _synchronize_rcu_expedited+0x308/0x840 kernel/rcu/tree_exp.h:596 2 locks held by kworker/u4:0/8662: #0: ("events_unbound"){+.+.}, at: [<0000000072f6bece>] process_one_work+0x6ff/0x1580 kernel/workqueue.c:2105 #1: ((&sub_info->work)){+.+.}, at: [<00000000987d21e6>] process_one_work+0x735/0x1580 kernel/workqueue.c:2109 2 locks held by kworker/u4:4/9610: #0: ("events_unbound"){+.+.}, at: [<0000000072f6bece>] process_one_work+0x6ff/0x1580 kernel/workqueue.c:2105 #1: ((&sub_info->work)){+.+.}, at: [<00000000987d21e6>] process_one_work+0x735/0x1580 kernel/workqueue.c:2109 ============================================= [28135] 0 28135 18276 10230 28 4 0 0 syz-executor.5 NMI backtrace for cpu 0 CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.149+ #0 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0xca/0x134 lib/dump_stack.c:53 nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x119/0x147 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline] watchdog+0x629/0xbe0 kernel/hung_task.c:274 [28168] 0 28168 18277 10873 34 4 0 0 syz-executor.0 [28282] 0 28282 18276 9470 28 4 0 0 syz-executor.0 kthread+0x31f/0x430 kernel/kthread.c:232 [28325] 0 28325 18277 10700 34 4 0 0 syz-executor.0 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404 [28365] 0 28365 18277 10782 34 4 0 0 syz-executor.0 Sending NMI from CPU 0 to CPUs 1: [28447] 0 28447 18277 11129 33 5 0 0 syz-executor.3 NMI backtrace for cpu 1 CPU: 1 PID: 17898 Comm: modprobe Not tainted 4.14.149+ #0 task: 00000000028e12f8 task.stack: 00000000ed060d40 RIP: 0010:debug_lockdep_rcu_enabled.part.0+0x26/0x50 kernel/rcu/update.c:300 RSP: 0000:ffff8881dbb07d78 EFLAGS: 00000807 RAX: dffffc0000000000 RBX: ffff88801ca81780 RCX: 1ffffffff4b82b08 RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88801ca81fac RBP: ffff8881dbb22858 R08: 0000000000000001 R09: fffffbfff4bc5cd6 R10: fffffbfff4bc5cd5 R11: ffffffffa5e2e6ab R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 00007fba2087e700(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f267ec41000 CR3: 0000000046552002 CR4: 00000000001606a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 Call Trace: trace_lock_acquire include/trace/events/lock.h:13 [inline] lock_acquire+0x1ee/0x360 kernel/locking/lockdep.c:3993 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline] _raw_spin_lock_irq+0x36/0x40 kernel/locking/spinlock.c:168 expire_timers+0x22f/0x4c0 kernel/time/timer.c:1319 __run_timers kernel/time/timer.c:1636 [inline] run_timer_softirq+0x1eb/0x5d0 kernel/time/timer.c:1649 __do_softirq+0x234/0x9ec kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x114/0x150 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:648 [inline] smp_apic_timer_interrupt+0x1a7/0x650 arch/x86/kernel/apic/apic.c:1102 apic_timer_interrupt+0x8c/0xa0 arch/x86/entry/entry_64.S:792 RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] RIP: 0010:console_trylock_spinning kernel/printk/printk.c:1679 [inline] RIP: 0010:vprintk_emit+0x302/0x330 kernel/printk/printk.c:1916 RSP: 0000:ffff88801cac7638 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff10 RAX: 0000000000000007 RBX: 0000000000000297 RCX: 1ffff11003950409 RDX: 0000000000000000 RSI: ffff88801ca82028 RDI: 0000000000000297 RBP: ffff88801cac7670 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000005b R13: 0000000000000000 R14: ffff88801cac76c8 R15: ffff8881daae4680 vprintk_func+0x58/0x152 kernel/printk/printk_safe.c:401 printk+0xba/0xed kernel/printk/printk.c:1990 dump_tasks mm/oom_kill.c:396 [inline] dump_header+0x7ab/0x848 mm/oom_kill.c:428 oom_kill_process.cold+0x10/0xde6 mm/oom_kill.c:861 out_of_memory mm/oom_kill.c:1084 [inline] out_of_memory+0x2d2/0xab0 mm/oom_kill.c:1023 __alloc_pages_may_oom mm/page_alloc.c:3415 [inline] __alloc_pages_slowpath mm/page_alloc.c:4112 [inline] __alloc_pages_nodemask+0x1988/0x2370 mm/page_alloc.c:4277 __alloc_pages include/linux/gfp.h:461 [inline] __alloc_pages_node include/linux/gfp.h:474 [inline] alloc_pages_node include/linux/gfp.h:488 [inline] alloc_zeroed_user_highpage_movable include/linux/highmem.h:184 [inline] wp_page_copy+0xd5c/0x1610 mm/memory.c:2497 do_wp_page+0x273/0x19d0 mm/memory.c:2784 handle_pte_fault mm/memory.c:4005 [inline] __handle_mm_fault+0xdec/0x2700 mm/memory.c:4113 handle_mm_fault+0x2f1/0x6da mm/memory.c:4150 __do_page_fault+0x477/0xbb0 arch/x86/mm/fault.c:1420 page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1122 RIP: 2044b038:0x7fba200e2ac0 RSP: 756e6547:00007ffc686d5f10 EFLAGS: 7fba200c4000 Code: 00 00 00 00 00 48 b8 00 00 00 00 00 fc ff df 53 65 48 8b 1c 25 c0 de 01 00 48 8d bb 2c 08 00 00 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 0f 8b 93 2c 08