watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [kworker/0:0:5] Modules linked in: irq event stamp: 5512878 hardirqs last enabled at (5512877): [] trace_hardirqs_on_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:41 hardirqs last disabled at (5512878): [] trace_hardirqs_off_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:42 softirqs last enabled at (5510042): [] __do_softirq+0x6ef/0x9f7 kernel/softirq.c:319 softirqs last disabled at (5509997): [] invoke_softirq kernel/softirq.c:373 [inline] softirqs last disabled at (5509997): [] irq_exit+0x192/0x1d0 kernel/softirq.c:413 CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events free_work RIP: 0010:csd_lock_wait kernel/smp.c:109 [inline] RIP: 0010:smp_call_function_single+0x18d/0x480 kernel/smp.c:311 Code: 00 48 8b 4c 24 08 48 8b 54 24 10 48 8d 74 24 40 8b 7c 24 1c e8 d4 f9 ff ff 41 89 c5 eb 07 e8 7a d5 0a 00 f3 90 44 8b 64 24 58 <31> ff 41 83 e4 01 44 89 e6 e8 05 d7 0a 00 45 85 e4 75 e1 e8 5b d5 RSP: 0018:ffffc90000cbf9a0 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13 RAX: ffff8880a9598140 RBX: 1ffff92000197f38 RCX: ffffffff81685f2b RDX: 0000000000000000 RSI: ffffffff81685f16 RDI: 0000000000000005 RBP: ffffc90000cbfa78 R08: ffff8880a9598140 R09: ffffed1015ce7129 R10: ffff8880ae738947 R11: ffffed1015ce7128 R12: 0000000000000003 R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000040 FS: 0000000000000000(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055f21eb669a8 CR3: 0000000063872000 CR4: 00000000001426f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: smp_call_function_many_cond+0x1a3/0x980 kernel/smp.c:447 smp_call_function_many kernel/smp.c:506 [inline] smp_call_function+0x40/0x80 kernel/smp.c:528 on_each_cpu+0x2a/0x1e0 kernel/smp.c:628 flush_tlb_kernel_range+0x197/0x250 arch/x86/mm/tlb.c:839 __purge_vmap_area_lazy+0xcc4/0x1f60 mm/vmalloc.c:1329 try_purge_vmap_area_lazy mm/vmalloc.c:1348 [inline] free_vmap_area_noflush+0x2bc/0x370 mm/vmalloc.c:1384 free_unmap_vmap_area mm/vmalloc.c:1397 [inline] remove_vm_area+0x1c7/0x230 mm/vmalloc.c:2217 vm_remove_mappings mm/vmalloc.c:2244 [inline] __vunmap+0x232/0x960 mm/vmalloc.c:2306 free_work+0x58/0x70 mm/vmalloc.c:66 process_one_work+0x965/0x16a0 kernel/workqueue.c:2268 worker_thread+0x96/0xe20 kernel/workqueue.c:2414 kthread+0x388/0x470 kernel/kthread.c:268 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 7539 Comm: syz-executor.5 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:__read_once_size include/linux/compiler.h:232 [inline] RIP: 0010:trylock_clear_pending kernel/locking/qspinlock_paravirt.h:121 [inline] RIP: 0010:pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:435 [inline] RIP: 0010:__pv_queued_spin_lock_slowpath+0x3b1/0xb60 kernel/locking/qspinlock.c:508 Code: 83 e3 07 41 be 01 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8d 2c 01 eb 0c f3 90 41 83 ec 01 0f 84 ea 04 00 00 41 0f b6 45 00 <38> d8 7f 08 84 c0 0f 85 34 06 00 00 0f b6 45 00 84 c0 75 db be 02 RSP: 0018:ffffc900084bf798 EFLAGS: 00000206 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffffffff134ca0c RDX: 0000000000000001 RSI: ffffffff8178c0c5 RDI: 0000000000000286 RBP: ffffffff89a65060 R08: ffff888058d98180 R09: fffffbfff186273d R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000001190 R13: fffffbfff134ca0c R14: 0000000000000001 R15: ffff8880ae738700 FS: 0000000000ff2940(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000000073b138 CR3: 0000000058d9c000 CR4: 00000000001426e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:645 [inline] queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:50 [inline] queued_spin_lock include/asm-generic/qspinlock.h:81 [inline] do_raw_spin_lock+0x20d/0x2e0 kernel/locking/spinlock_debug.c:113 spin_lock include/linux/spinlock.h:353 [inline] alloc_vmap_area+0xb81/0x1e20 mm/vmalloc.c:1152 __get_vm_area_node+0x178/0x3b0 mm/vmalloc.c:2117 __vmalloc_node_range+0xdc/0x7a0 mm/vmalloc.c:2549 __vmalloc_node mm/vmalloc.c:2609 [inline] __vmalloc_node_flags mm/vmalloc.c:2623 [inline] vzalloc+0x67/0x80 mm/vmalloc.c:2668 alloc_counters.isra.0+0x50/0x690 net/ipv6/netfilter/ip6_tables.c:816 copy_entries_to_user net/ipv4/netfilter/arp_tables.c:680 [inline] get_entries net/ipv4/netfilter/arp_tables.c:867 [inline] do_arpt_get_ctl+0x46a/0x780 net/ipv4/netfilter/arp_tables.c:1489 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x72/0xd0 net/netfilter/nf_sockopt.c:122 ip_getsockopt net/ipv4/ip_sockglue.c:1576 [inline] ip_getsockopt+0x165/0x1c0 net/ipv4/ip_sockglue.c:1556 tcp_getsockopt net/ipv4/tcp.c:3782 [inline] tcp_getsockopt+0x86/0xd0 net/ipv4/tcp.c:3776 __sys_getsockopt+0x14b/0x2e0 net/socket.c:2177 __do_sys_getsockopt net/socket.c:2192 [inline] __se_sys_getsockopt net/socket.c:2189 [inline] __x64_sys_getsockopt+0xba/0x150 net/socket.c:2189 do_syscall_64+0xf6/0x7d0 arch/x86/entry/common.c:295 entry_SYSCALL_64_after_hwframe+0x49/0xb3 RIP: 0033:0x45f33a Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ed 8b fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ca 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 RSP: 002b:00007ffeb57b4f98 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 RAX: ffffffffffffffda RBX: 00007ffeb57b50a0 RCX: 000000000045f33a RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 0000000000000003 R08: 00007ffeb57b4fac R09: 000000000000000a R10: 00007ffeb57b50a0 R11: 0000000000000212 R12: 0000000000000000 R13: 00007ffeb57b5720 R14: 00000000000982e5 R15: 00007ffeb57b5730