bisecting cause commit starting from 2bb07f4e1d861fbb6c05f3dd79bdc8b41dfd2c08 building syzkaller on 81230308c61b57d9f496c92c439c0d38e07a0d26 testing commit 2bb07f4e1d861fbb6c05f3dd79bdc8b41dfd2c08 with gcc (GCC) 8.1.0 kernel signature: 24552ea8d5ac82740704417e333b6c472822c437fef556487a45c76ce9e4cdf2 all runs: crashed: INFO: task hung in lock_sock_nested testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: 09d42fbb66de19823ad9fd2037f09debd430e07800c76f7966a8c87c7d1008ee all runs: OK # git bisect start 2bb07f4e1d861fbb6c05f3dd79bdc8b41dfd2c08 d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 Bisecting: 6281 revisions left to test after this (roughly 13 steps) [4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb] Merge tag 'for-v5.6' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply testing commit 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb with gcc (GCC) 8.1.0 kernel signature: d25c55de5d146addf106971c4a444490b00c1c9de7f5b075e80e2eaba60c2b53 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad 4cadc60d6bcfee9c626d4b55e9dc1475d21ad3bb Bisecting: 2314 revisions left to test after this (roughly 12 steps) [bd2463ac7d7ec51d432f23bf0e893fb371a908cd] Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit bd2463ac7d7ec51d432f23bf0e893fb371a908cd with gcc (GCC) 8.1.0 kernel signature: ec4cace6c24e825e5064312d254250f044628cd6ae196ae3ca6301dd7ec39fc6 run #0: crashed: INFO: task hung in lock_sock_nested run #1: crashed: INFO: task hung in lock_sock_nested run #2: crashed: INFO: task hung in lock_sock_nested run #3: crashed: INFO: task hung in lock_sock_nested run #4: crashed: INFO: task hung in lock_sock_nested run #5: crashed: INFO: task hung in lock_sock_nested run #6: crashed: INFO: task hung in lock_sock_nested run #7: crashed: INFO: task hung in lock_sock_nested run #8: crashed: INFO: task hung in lock_sock_nested run #9: boot failed: can't ssh into the instance # git bisect bad bd2463ac7d7ec51d432f23bf0e893fb371a908cd Bisecting: 1616 revisions left to test after this (roughly 11 steps) [6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41] qed: rt init valid initialization changed testing commit 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 with gcc (GCC) 8.1.0 kernel signature: 6390003d1b6edc4232cf87d9dcc99ff0cf89a0ea339dab4b3ae70d66e5e8c1dc all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad 6bc82d9b7e6371673992ed5e3897cf7fb8cc4f41 Bisecting: 808 revisions left to test after this (roughly 10 steps) [b9ae51273655a72a12fba730843fd72fb132735a] hsr: fix dummy hsr_debugfs_rename() declaration testing commit b9ae51273655a72a12fba730843fd72fb132735a with gcc (GCC) 8.1.0 kernel signature: 83c3d552132ca3b4ffeb2cbc5c6067349526e2b07b29348aa288fa96704fd1c8 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad b9ae51273655a72a12fba730843fd72fb132735a Bisecting: 403 revisions left to test after this (roughly 9 steps) [dacad7b34b59fb06a242ef2cf64205f04f7c5339] mlxsw: spectrum_router: Start using new IPv6 route notifications testing commit dacad7b34b59fb06a242ef2cf64205f04f7c5339 with gcc (GCC) 8.1.0 kernel signature: b7da82665880edd658cd0c563fe60ef900c32a264bcd01db317c61c2f0ebdf94 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad dacad7b34b59fb06a242ef2cf64205f04f7c5339 Bisecting: 201 revisions left to test after this (roughly 8 steps) [f63db4efdd50a2b67b97336fde67661af8af112b] net: bcmgenet: Refactor bcmgenet_set_features() testing commit f63db4efdd50a2b67b97336fde67661af8af112b with gcc (GCC) 8.1.0 kernel signature: 622e474d587a0ff5dc892b917673cd9e1690f6e0951759ef68c2f1ccd13d14f1 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad f63db4efdd50a2b67b97336fde67661af8af112b Bisecting: 100 revisions left to test after this (roughly 7 steps) [a8674f753e36f566d6c1d992ab85323d784281d9] ipv4: Notify newly added route if should be offloaded testing commit a8674f753e36f566d6c1d992ab85323d784281d9 with gcc (GCC) 8.1.0 kernel signature: c93a65ff4df6153d20d9bcd9faa8ccbbcfcc99013b522548e2869e704fb3cb1a all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad a8674f753e36f566d6c1d992ab85323d784281d9 Bisecting: 49 revisions left to test after this (roughly 6 steps) [bea0f4a5115aaf6f59c6d2125f52ff149874b6d2] Merge branch 'sfp-slow-to-probe-copper' testing commit bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 with gcc (GCC) 8.1.0 kernel signature: a622a088cedde48fc0f20c595ade6a02f156529cef14502137adef0d2f0f6949 all runs: OK # git bisect good bea0f4a5115aaf6f59c6d2125f52ff149874b6d2 Bisecting: 24 revisions left to test after this (roughly 5 steps) [1d1997db870f4058676439ef7014390ba9e24eb2] Revert "nfp: abm: fix memory leak in nfp_abm_u32_knode_replace" testing commit 1d1997db870f4058676439ef7014390ba9e24eb2 with gcc (GCC) 8.1.0 kernel signature: 962a2218ceeb838d7c75df1f9e57221afac90d59fdf20a41ba0233954eb0c477 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad 1d1997db870f4058676439ef7014390ba9e24eb2 Bisecting: 12 revisions left to test after this (roughly 4 steps) [32d5109a9d864aea3981f0b5ea736eee4e11b42a] netlink: rename nl80211_validate_nested() to nla_validate_nested() testing commit 32d5109a9d864aea3981f0b5ea736eee4e11b42a with gcc (GCC) 8.1.0 kernel signature: a8bb9703bd0850eeacdaa60fdbfcd9d9a49e43bce09bc36aab9b2dac9e56484d all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad 32d5109a9d864aea3981f0b5ea736eee4e11b42a Bisecting: 5 revisions left to test after this (roughly 3 steps) [bf5432b1de1fcfd1d389111c350b88dd238860ba] vsock/virtio: remove loopback handling testing commit bf5432b1de1fcfd1d389111c350b88dd238860ba with gcc (GCC) 8.1.0 kernel signature: 55aa12a4c86664f8d9f691b3672f94541dac5a3e5f39a9e8e91864c22126e4ab all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad bf5432b1de1fcfd1d389111c350b88dd238860ba Bisecting: 2 revisions left to test after this (roughly 2 steps) [0e12190578d081d4fe54d41635ec6e5a6eb0d01a] vsock: add local transport support in the vsock core testing commit 0e12190578d081d4fe54d41635ec6e5a6eb0d01a with gcc (GCC) 8.1.0 kernel signature: aec0c7278bb034b13b560ee4ecdbe8bde64e1d971c0d2d13c6ce655c35d1d857 all runs: OK # git bisect good 0e12190578d081d4fe54d41635ec6e5a6eb0d01a Bisecting: 0 revisions left to test after this (roughly 1 step) [408624af4c89989117bb2c6517bd50b7708a2fcd] vsock: use local transport when it is loaded testing commit 408624af4c89989117bb2c6517bd50b7708a2fcd with gcc (GCC) 8.1.0 kernel signature: 128c2c198b2368f437a1de3c833509b5d3732a4269c81cf235919f54160ef821 all runs: crashed: INFO: task hung in lock_sock_nested # git bisect bad 408624af4c89989117bb2c6517bd50b7708a2fcd Bisecting: 0 revisions left to test after this (roughly 0 steps) [077263fba10011d7e1d17dc7691ff20c15c56081] vsock: add vsock_loopback transport testing commit 077263fba10011d7e1d17dc7691ff20c15c56081 with gcc (GCC) 8.1.0 kernel signature: 34672a56f039b559af1c67459f1a7b01e91e537317c821577d88eabf0c7b404e all runs: OK # git bisect good 077263fba10011d7e1d17dc7691ff20c15c56081 408624af4c89989117bb2c6517bd50b7708a2fcd is the first bad commit commit 408624af4c89989117bb2c6517bd50b7708a2fcd Author: Stefano Garzarella Date: Tue Dec 10 11:43:06 2019 +0100 vsock: use local transport when it is loaded Now that we have a transport that can handle the local communication, we can use it when it is loaded. A socket will use the local transport (loopback) when the remote CID is: - equal to VMADDR_CID_LOCAL - or equal to transport_g2h->get_local_cid(), if transport_g2h is loaded (this allows us to keep the same behavior implemented by virtio and vmci transports) - or equal to VMADDR_CID_HOST, if transport_g2h is not loaded Signed-off-by: Stefano Garzarella Signed-off-by: David S. Miller net/vmw_vsock/af_vsock.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) culprit signature: 128c2c198b2368f437a1de3c833509b5d3732a4269c81cf235919f54160ef821 parent signature: 34672a56f039b559af1c67459f1a7b01e91e537317c821577d88eabf0c7b404e revisions tested: 16, total time: 3h56m26.714791468s (build: 1h50m54.113198061s, test: 2h3m50.002793273s) first bad commit: 408624af4c89989117bb2c6517bd50b7708a2fcd vsock: use local transport when it is loaded cc: ["davem@davemloft.net" "jhansen@vmware.com" "kuba@kernel.org" "linux-kernel@vger.kernel.org" "netdev@vger.kernel.org" "sgarzare@redhat.com" "stefanha@redhat.com"] crash: INFO: task hung in lock_sock_nested INFO: task syz-executor.1:8008 blocked for more than 143 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D29496 8008 7960 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: 48 8b 5c 24 30 48 01 d8 48 89 04 24 48 89 4c 24 08 e8 db 67 fa ff 48 8b 4c 24 10 48 8b 44 24 18 48 ff c0 48 83 f8 06 7c ce 48 <89> 4c 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 84 b4 ff ff eb 92 cc RSP: 002b:00007f26f37cac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f26f37cb6d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076bf2c INFO: task syz-executor.1:8010 blocked for more than 143 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D30024 8010 7960 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 lock_sock include/net/sock.h:1526 [inline] vsock_stream_setsockopt+0xe8/0x440 net/vmw_vsock/af_vsock.c:1547 __sys_setsockopt+0x213/0x440 net/socket.c:2117 __do_sys_setsockopt net/socket.c:2133 [inline] __se_sys_setsockopt net/socket.c:2130 [inline] __x64_sys_setsockopt+0xb9/0x150 net/socket.c:2130 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: 48 8b 5c 24 30 48 01 d8 48 89 04 24 48 89 4c 24 08 e8 db 67 fa ff 48 8b 4c 24 10 48 8b 44 24 18 48 ff c0 48 83 f8 06 7c ce 48 <89> 4c 24 40 48 8b 6c 24 20 48 83 c4 28 c3 e8 84 b4 ff ff eb 92 cc RSP: 002b:00007f26f37a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007f26f37aa6d4 RCX: 000000000045c449 RDX: 0000000000000002 RSI: 0000000000000028 RDI: 0000000000000003 RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000a31 R14: 00000000004d5928 R15: 000000000076bfcc INFO: task syz-executor.1:8016 blocked for more than 143 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D30040 8016 7960 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f26f3767c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f26f37686d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076c100 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076c10c INFO: task syz-executor.3:8013 blocked for more than 144 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D29776 8013 7958 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f90c7436c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f90c74376d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076bf2c INFO: task syz-executor.3:8014 blocked for more than 144 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D30264 8014 7958 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 lock_sock include/net/sock.h:1526 [inline] vsock_stream_setsockopt+0xe8/0x440 net/vmw_vsock/af_vsock.c:1547 __sys_setsockopt+0x213/0x440 net/socket.c:2117 __do_sys_setsockopt net/socket.c:2133 [inline] __se_sys_setsockopt net/socket.c:2130 [inline] __x64_sys_setsockopt+0xb9/0x150 net/socket.c:2130 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f90c7415c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007f90c74166d4 RCX: 000000000045c449 RDX: 0000000000000002 RSI: 0000000000000028 RDI: 0000000000000003 RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000a31 R14: 00000000004d5928 R15: 000000000076bfcc INFO: task syz-executor.3:8018 blocked for more than 144 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D30040 8018 7958 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f90c73d3c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f90c73d46d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076c100 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076c10c INFO: task syz-executor.2:8021 blocked for more than 144 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D29248 8021 7963 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f2782d7fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f2782d806d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076bf2c INFO: task syz-executor.2:8022 blocked for more than 145 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D29696 8022 7963 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 lock_sock include/net/sock.h:1526 [inline] vsock_stream_setsockopt+0xe8/0x440 net/vmw_vsock/af_vsock.c:1547 __sys_setsockopt+0x213/0x440 net/socket.c:2117 __do_sys_setsockopt net/socket.c:2133 [inline] __se_sys_setsockopt net/socket.c:2130 [inline] __x64_sys_setsockopt+0xb9/0x150 net/socket.c:2130 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f2782d5ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00007f2782d5f6d4 RCX: 000000000045c449 RDX: 0000000000000002 RSI: 0000000000000028 RDI: 0000000000000003 RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000a31 R14: 00000000004d5928 R15: 000000000076bfcc INFO: task syz-executor.2:8036 blocked for more than 145 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D29696 8036 7963 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007f2782d1cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007f2782d1d6d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076c100 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076c10c INFO: task syz-executor.4:8025 blocked for more than 145 seconds. Not tainted 5.5.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29576 8025 7968 0x00000004 Call Trace: context_switch kernel/sched/core.c:3385 [inline] __schedule+0x8a9/0x1970 kernel/sched/core.c:4081 schedule+0xc3/0x2b0 kernel/sched/core.c:4155 __lock_sock+0x129/0x200 net/core/sock.c:2413 lock_sock_nested+0xda/0x100 net/core/sock.c:2938 virtio_transport_release+0xa7/0xb20 net/vmw_vsock/virtio_transport_common.c:819 vsock_assign_transport+0xc3/0x2e0 net/vmw_vsock/af_vsock.c:454 vsock_stream_connect+0x263/0xad0 net/vmw_vsock/af_vsock.c:1288 __sys_connect_file+0x133/0x190 net/socket.c:1844 __sys_connect+0x104/0x140 net/socket.c:1861 __do_sys_connect net/socket.c:1872 [inline] __se_sys_connect net/socket.c:1869 [inline] __x64_sys_connect+0x6e/0xb0 net/socket.c:1869 do_syscall_64+0xca/0x5f0 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45c449 Code: Bad RIP value. RSP: 002b:00007fdafbe2fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 00007fdafbe306d4 RCX: 000000000045c449 RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003 RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000096 R14: 00000000004c2eae R15: 000000000076bf2c Showing all locks held in the system: 1 lock held by khungtaskd/1110: #0: ffffffff88d99140 (rcu_read_lock){....}, at: debug_show_all_locks+0x5b/0x275 kernel/locking/lockdep.c:5334 2 locks held by rsyslogd/7746: #0: ffff888098260660 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xa3/0xc0 fs/file.c:801 #1: ffffffff88d8e978 (logbuf_lock){-.-.}, at: is_bpf_text_address+0x0/0xe0 kernel/bpf/core.c:694 2 locks held by getty/7836: #0: ffff88808fd21090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc900017bb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7837: #0: ffff88808c0cd090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc9000183b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7838: #0: ffff8880a9468090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc9000184b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7839: #0: ffff88809c18d090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc900017fb2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7840: #0: ffff8880995cc090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc9000182b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7841: #0: ffff8880968e9090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc9000181b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 2 locks held by getty/7842: #0: ffff8880a0b47090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x2d/0x40 drivers/tty/tty_ldsem.c:340 #1: ffffc9000178b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x1ee/0x17d0 drivers/tty/n_tty.c:2156 1 lock held by syz-executor.1/8008: #0: ffff8880a777b910 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880a777b910 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.1/8016: #0: ffff8880a70ac8d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880a70ac8d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.3/8013: #0: ffff8880a777b190 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880a777b190 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.3/8018: #0: ffff888090acb8d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff888090acb8d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.2/8021: #0: ffff888099d31950 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff888099d31950 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.2/8036: #0: ffff88807cb398d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff88807cb398d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.4/8025: #0: ffff888099d311d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff888099d311d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.4/8038: #0: ffff8880928c48d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880928c48d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.0/8029: #0: ffff888099656890 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff888099656890 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.0/8040: #0: ffff8880a7a2b8d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880a7a2b8d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.5/8032: #0: ffff88807caf98d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff88807caf98d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 1 lock held by syz-executor.5/8042: #0: ffff8880a6e838d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1526 [inline] #0: ffff8880a6e838d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xee/0xad0 net/vmw_vsock/af_vsock.c:1258 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1110 Comm: khungtaskd Not tainted 5.5.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x12d/0x187 lib/dump_stack.c:118 nmi_cpu_backtrace.cold.7+0x4b/0x84 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x18b/0x1b7 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline] watchdog+0x611/0xc50 kernel/hung_task.c:289 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x12/0x20 arch/x86/include/asm/irqflags.h:60