Extracting prog: 13m5.247983246s Minimizing prog: 3h55m6.019126133s Simplifying prog options: 0s Extracting C: 9m18.830333128s Simplifying C: 1h0m26.664755964s extracting reproducer from 1 programs testing a last program of every proc single: executing 1 programs separately with timeout 45s testing program (duration=45s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD-bpf$BPF_LINK_CREATE_XDP-bpf$PROG_LOAD-bind$inet-sendto$inet detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r5, r4}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x235, &(0x7f0000000c80)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r4}, 0x94) bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) program did not crash single: failed to extract reproducer single: executing 1 programs separately with timeout 16m0s testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD-bpf$BPF_LINK_CREATE_XDP-bpf$PROG_LOAD-bind$inet-sendto$inet detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r5, r4}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x235, &(0x7f0000000c80)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r4}, 0x94) bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) program crashed: INFO: task hung in _vm_unmap_aliases single: successfully extracted reproducer found reproducer with 15 syscalls minimizing guilty program testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD-bpf$BPF_LINK_CREATE_XDP-bpf$PROG_LOAD-bind$inet detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r5, r4}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x235, &(0x7f0000000c80)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r4}, 0x94) bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD-bpf$BPF_LINK_CREATE_XDP-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r4, r3}, 0x40) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x235, &(0x7f0000000c80)=ANY=[], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', r3}, 0x94) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD-bpf$BPF_LINK_CREATE_XDP detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r4, r3}, 0x40) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-ioctl$sock_SIOCGIFINDEX detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) program did not crash testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-socket$inet_tcp-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-socket$inet_udp-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-setsockopt$packet_fanout-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-syz_emit_ethernet-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000e00)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x8}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-sendto$inet6-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bind$inet6-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000dc0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x100000}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-socket$inet6-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) socket$inet6(0xa, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-setsockopt$SO_ATTACH_FILTER-bpf$PROG_LOAD detailed listing: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$packet-bpf$PROG_LOAD detailed listing: executing program 0: socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) program did not crash testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) program did not crash testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) program did not crash testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) program did not crash extracting C reproducer testing compiled C program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases simplifying C reproducer testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing compiled C program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD program crashed: INFO: task hung in _vm_unmap_aliases testing program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases validation run: crashed=true testing program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases validation run: crashed=true testing program (duration=16m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000080000000000000000000008500000036000000850000002a0000009500000000000000910f001083f7b8033157ad3a9ec3e0a154dde8e516b33d49cd6d8ea1ef44e26a9689047dc810523bb6cb646edac69057131e1be7162eed1f07ba5e28f6fe1cb93967ef2f0ef2d0df01ab65f8f730d2851251b7cda33d6e3116f566927744a6e23559db48c03d567c61c68d4095f639c7ddaa0d10b9b3f0d1f20bd1b72012aaaa70b845455ec52e27fdb0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x49) program crashed: INFO: task hung in _vm_unmap_aliases validation run: crashed=true reproducing took 5h56m28.071214374s repro crashed as (corrupted=false): INFO: task kworker/0:7:4066 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:7 state:D stack:0 pid:4066 tgid:4066 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea529d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea529d8c r5:83821800 r4:83821800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:83821800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea529e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85c99c00 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:83821800 r7:00000000 r6:83018400 r5:00001000 r4:7f049000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:dfc2f000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9c794 r4:85c80400 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9c794 r4:85c80400 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:83821800 r8:85c8042c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85c80400 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85c80400 r8:802762fc r7:ea511e60 r6:85c80200 r5:83821800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea529fb0 to 0xea529ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85b5f700 INFO: task kworker/0:7:4066 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e090a000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/1:15:4089 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:15 state:D stack:0 pid:4089 tgid:4089 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea741d84 r9:829174a8 r8:60000013 r7:829174a8 r6:ea741d8c r5:853c3000 r4:853c3000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:853c3000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea741e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cfd980 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018605 r8:853c3000 r7:00000000 r6:83018600 r5:00001000 r4:7f073000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea801000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d6df94 r4:85cc8080 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85d6df94 r4:85cc8080 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:853c3000 r8:85cc80ac r7:82804d80 r6:ddde3b40 r5:ddde3b60 r4:85cc8080 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cc8080 r8:802762fc r7:ea745e60 r6:85cc8100 r5:853c3000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea741fb0 to 0xea741ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cd0900 INFO: task kworker/1:15:4089 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e0af7000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/1:111:4595 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:111 state:D stack:0 pid:4595 tgid:4595 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:e84a9d84 r9:829174a8 r8:60000113 r7:829174a8 r6:e84a9d8c r5:85dc9800 r4:85dc9800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85dc9800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:e84a9e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cfd600 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018605 r8:85dc9800 r7:00000000 r6:83018600 r5:00001000 r4:7f06f000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea769000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d6f794 r4:85cf3b00 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85d6f794 r4:85cf3b00 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85dc9800 r8:85cf3b2c r7:82804d80 r6:ddde3b40 r5:ddde3b60 r4:85cf3b00 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cf3b00 r8:802762fc r7:ea675e60 r6:85cf3b80 r5:85dc9800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xe84a9fb0 to 0xe84a9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85ceba80 INFO: task kworker/1:111:4595 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e0d3c000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:177:4655 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:177 state:D stack:0 pid:4655 tgid:4655 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea795d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea795d8c r5:85a13000 r4:85a13000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a13000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea795e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6540 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a13000 r7:00000000 r6:83018400 r5:00001000 r4:7f063000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea601000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9d394 r4:85cda600 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9d394 r4:85cda600 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a13000 r8:85cda62c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda600 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda600 r8:802762fc r7:ea68de60 r6:85cda680 r5:85a13000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea795fb0 to 0xea795ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99900 INFO: task kworker/0:177:4655 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e13f0000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:179:4659 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:179 state:D stack:0 pid:4659 tgid:4659 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea55dd84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea55dd8c r5:85a13c00 r4:85a13c00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a13c00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea55de08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6940 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a13c00 r7:00000000 r6:83018400 r5:00001000 r4:7f069000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea6d3000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9ef94 r4:85cda900 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9ef94 r4:85cda900 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a13c00 r8:85cda92c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda900 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda900 r8:802762fc r7:ea795e60 r6:85cda980 r5:85a13c00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea55dfb0 to 0xea55dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:179:4659 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e13f0000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:180:4660 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:180 state:D stack:0 pid:4660 tgid:4660 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea565d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea565d8c r5:85a14800 r4:85a14800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a14800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea565e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6700 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a14800 r7:00000000 r6:83018400 r5:00001000 r4:7f065000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea699000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9e394 r4:85cdaa80 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9e394 r4:85cdaa80 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a14800 r8:85cdaaac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cdaa80 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cdaa80 r8:802762fc r7:ea7bde60 r6:85cdab00 r5:85a14800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea565fb0 to 0xea565ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:180:4660 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1647000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:181:4673 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:181 state:D stack:0 pid:4673 tgid:4673 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea635d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea635d8c r5:85de8000 r4:85de8000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85de8000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea635e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cebbc0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85de8000 r7:00000000 r6:83018400 r5:00001000 r4:7f071000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea7dd000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9cb94 r4:85cdad80 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9cb94 r4:85cdad80 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85de8000 r8:85cdadac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cdad80 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cdad80 r8:802762fc r7:ea55de60 r6:85cdac80 r5:85de8000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea635fb0 to 0xea635ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6680 INFO: task kworker/0:181:4673 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1647000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:182:4677 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:182 state:D stack:0 pid:4677 tgid:4677 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea709d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea709d8c r5:85de8c00 r4:85de8c00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85de8c00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea709e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6cc0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85de8c00 r7:00000000 r6:83018400 r5:00001000 r4:7f06b000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea70b000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9f394 r4:85cfc000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9f394 r4:85cfc000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85de8c00 r8:85cfc02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc000 r8:802762fc r7:ea635e60 r6:85cfc180 r5:85de8c00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea709fb0 to 0xea709ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6ac0 INFO: task kworker/0:182:4677 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1a64000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:183:4678 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:183 state:D stack:0 pid:4678 tgid:4678 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea705d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea705d8c r5:85deb000 r4:85deb000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85deb000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea705e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6200 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85deb000 r7:00000000 r6:83018400 r5:00001000 r4:7f06d000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea735000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9ff94 r4:85cfc280 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9ff94 r4:85cfc280 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85deb000 r8:85cfc2ac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc280 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc280 r8:802762fc r7:ea635e60 r6:85cfc300 r5:85deb000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea705fb0 to 0xea705ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6e80 INFO: task kworker/0:183:4678 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1a64000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:184:4681 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:184 state:D stack:0 pid:4681 tgid:4681 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea74dd84 r9:829174a8 r8:60000013 r7:829174a8 r6:ea74dd8c r5:85debc00 r4:85debc00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85debc00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea74de08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cba9c0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85debc00 r7:00000000 r6:83018400 r5:00001000 r4:7f04f000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:e02af000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d93394 r4:85cfc400 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d93394 r4:85cfc400 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85debc00 r8:85cfc42c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc400 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc400 r8:802762fc r7:ea635e60 r6:85cfc480 r5:85debc00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea74dfb0 to 0xea74dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6e40 INFO: task kworker/0:184:4681 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1b84000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express Call trace: [<80201a74>] (dump_backtrace) from [<80201b70>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:00000000 r6:00000113 r5:60000193 r4:822957d8 [<80201b58>] (show_stack) from [<8021edec>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201b58>] (show_stack) from [<8021edec>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:120) [<8021ed7c>] (dump_stack_lvl) from [<8021ee10>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r5:00000000 r4:00000001 [<8021edf8>] (dump_stack) from [<81a9b540>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<81a9b3e0>] (nmi_cpu_backtrace) from [<81a9b68c>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8280c6d0 r5:8281af1c r4:ffffffff [<81a9b55c>] (nmi_trigger_cpumask_backtrace) from [<8022f818>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852) r9:00007bef r8:8280c850 r7:0001cce5 r6:00007bef r5:82ac27e4 r4:00000048 [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]) [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (__sys_info lib/sys_info.c:157 [inline]) [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (sys_info+0x68/0xa8 lib/sys_info.c:165) [<81aa3134>] (sys_info) from [<80383780>] (check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]) [<81aa3134>] (sys_info) from [<80383780>] (watchdog+0x464/0x8a0 kernel/hung_task.c:515) r5:82ac27e4 r4:8612d40c [<8038331c>] (watchdog) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:00000000 r8:8038331c r7:8332b080 r6:8332b080 r5:8321e000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf8d9fb0 to 0xdf8d9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:832c0cc0 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 2819 Comm: pr/ttyAMA-1 Not tainted syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express PC is at __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] PC is at _raw_spin_unlock_irqrestore+0x28/0x54 kernel/locking/spinlock.c:194 LR is at spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] LR is at __uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline] LR is at pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603 pc : [<81abc6b0>] lr : [<80aa3868>] psr: 600e0113 sp : eb17deb0 ip : eb17dec0 fp : eb17debc r10: 82959bc4 r9 : 00000001 r8 : 00000000 r7 : 00000117 r6 : 82959b28 r5 : 00000000 r4 : 00000001 r3 : 00000761 r2 : 00000000 r1 : 600e0113 r0 : 84148840 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 84f32800 DAC: 00000000 Call trace: [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]) [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (__uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline]) [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603) [<80aa3848>] (pl011_console_device_unlock) from [<802e5720>] (nbcon_emit_one+0x88/0x100 kernel/printk/nbcon.c:1149) [<802e5698>] (nbcon_emit_one) from [<802e59a0>] (nbcon_kthread_func+0x208/0x2e4 kernel/printk/nbcon.c:1255) r6:82abf0fc r5:82959b28 r4:8387bc00 [<802e5798>] (nbcon_kthread_func) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:82959b28 r8:802e5798 r7:84ae7e00 r6:84ae7e00 r5:8387bc00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xeb17dfb0 to 0xeb17dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:830a0100 final repro crashed as (corrupted=false): INFO: task kworker/0:7:4066 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:7 state:D stack:0 pid:4066 tgid:4066 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea529d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea529d8c r5:83821800 r4:83821800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:83821800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea529e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85c99c00 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:83821800 r7:00000000 r6:83018400 r5:00001000 r4:7f049000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:dfc2f000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9c794 r4:85c80400 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9c794 r4:85c80400 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:83821800 r8:85c8042c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85c80400 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85c80400 r8:802762fc r7:ea511e60 r6:85c80200 r5:83821800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea529fb0 to 0xea529ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85b5f700 INFO: task kworker/0:7:4066 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e090a000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/1:15:4089 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:15 state:D stack:0 pid:4089 tgid:4089 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea741d84 r9:829174a8 r8:60000013 r7:829174a8 r6:ea741d8c r5:853c3000 r4:853c3000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:853c3000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea741e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cfd980 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018605 r8:853c3000 r7:00000000 r6:83018600 r5:00001000 r4:7f073000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea801000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d6df94 r4:85cc8080 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85d6df94 r4:85cc8080 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:853c3000 r8:85cc80ac r7:82804d80 r6:ddde3b40 r5:ddde3b60 r4:85cc8080 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cc8080 r8:802762fc r7:ea745e60 r6:85cc8100 r5:853c3000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea741fb0 to 0xea741ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cd0900 INFO: task kworker/1:15:4089 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e0af7000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/1:111:4595 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:111 state:D stack:0 pid:4595 tgid:4595 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:e84a9d84 r9:829174a8 r8:60000113 r7:829174a8 r6:e84a9d8c r5:85dc9800 r4:85dc9800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85dc9800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:e84a9e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cfd600 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018605 r8:85dc9800 r7:00000000 r6:83018600 r5:00001000 r4:7f06f000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea769000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d6f794 r4:85cf3b00 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85d6f794 r4:85cf3b00 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85dc9800 r8:85cf3b2c r7:82804d80 r6:ddde3b40 r5:ddde3b60 r4:85cf3b00 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cf3b00 r8:802762fc r7:ea675e60 r6:85cf3b80 r5:85dc9800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xe84a9fb0 to 0xe84a9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85ceba80 INFO: task kworker/1:111:4595 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e0d3c000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:177:4655 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:177 state:D stack:0 pid:4655 tgid:4655 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea795d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea795d8c r5:85a13000 r4:85a13000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a13000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea795e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6540 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a13000 r7:00000000 r6:83018400 r5:00001000 r4:7f063000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea601000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9d394 r4:85cda600 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9d394 r4:85cda600 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a13000 r8:85cda62c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda600 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda600 r8:802762fc r7:ea68de60 r6:85cda680 r5:85a13000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea795fb0 to 0xea795ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99900 INFO: task kworker/0:177:4655 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e13f0000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:179:4659 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:179 state:D stack:0 pid:4659 tgid:4659 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea55dd84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea55dd8c r5:85a13c00 r4:85a13c00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a13c00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea55de08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6940 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a13c00 r7:00000000 r6:83018400 r5:00001000 r4:7f069000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea6d3000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9ef94 r4:85cda900 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9ef94 r4:85cda900 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a13c00 r8:85cda92c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda900 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda900 r8:802762fc r7:ea795e60 r6:85cda980 r5:85a13c00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea55dfb0 to 0xea55dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:179:4659 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e13f0000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:180:4660 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:180 state:D stack:0 pid:4660 tgid:4660 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea565d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea565d8c r5:85a14800 r4:85a14800 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85a14800 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea565e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6700 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a14800 r7:00000000 r6:83018400 r5:00001000 r4:7f065000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea699000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9e394 r4:85cdaa80 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9e394 r4:85cdaa80 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a14800 r8:85cdaaac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cdaa80 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cdaa80 r8:802762fc r7:ea7bde60 r6:85cdab00 r5:85a14800 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea565fb0 to 0xea565ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:180:4660 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1647000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:181:4673 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:181 state:D stack:0 pid:4673 tgid:4673 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea635d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea635d8c r5:85de8000 r4:85de8000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85de8000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea635e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cebbc0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85de8000 r7:00000000 r6:83018400 r5:00001000 r4:7f071000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea7dd000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9cb94 r4:85cdad80 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9cb94 r4:85cdad80 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85de8000 r8:85cdadac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cdad80 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cdad80 r8:802762fc r7:ea55de60 r6:85cdac80 r5:85de8000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea635fb0 to 0xea635ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6680 INFO: task kworker/0:181:4673 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1647000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:182:4677 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:182 state:D stack:0 pid:4677 tgid:4677 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea709d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea709d8c r5:85de8c00 r4:85de8c00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85de8c00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea709e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6cc0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85de8c00 r7:00000000 r6:83018400 r5:00001000 r4:7f06b000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea70b000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9f394 r4:85cfc000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9f394 r4:85cfc000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85de8c00 r8:85cfc02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc000 r8:802762fc r7:ea635e60 r6:85cfc180 r5:85de8c00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea709fb0 to 0xea709ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6ac0 INFO: task kworker/0:182:4677 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1a64000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:183:4678 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:183 state:D stack:0 pid:4678 tgid:4678 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea705d84 r9:829174a8 r8:60000113 r7:829174a8 r6:ea705d8c r5:85deb000 r4:85deb000 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85deb000 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea705e08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cf6200 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85deb000 r7:00000000 r6:83018400 r5:00001000 r4:7f06d000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea735000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9ff94 r4:85cfc280 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9ff94 r4:85cfc280 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85deb000 r8:85cfc2ac r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc280 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc280 r8:802762fc r7:ea635e60 r6:85cfc300 r5:85deb000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea705fb0 to 0xea705ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6e80 INFO: task kworker/0:183:4678 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1a64000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 INFO: task kworker/0:184:4681 blocked for more than 430 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:184 state:D stack:0 pid:4681 tgid:4681 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab2d08>] (__schedule_loop kernel/sched/core.c:6945 [inline]) [<81ab1a5c>] (__schedule) from [<81ab2d08>] (schedule+0x2c/0x130 kernel/sched/core.c:6960) r10:ea74dd84 r9:829174a8 r8:60000013 r7:829174a8 r6:ea74dd8c r5:85debc00 r4:85debc00 [<81ab2cdc>] (schedule) from [<81ab2e90>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7017) r5:85debc00 r4:829174a4 [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81ab2e78>] (schedule_preempt_disabled) from [<81ab6514>] (__mutex_lock.constprop.0+0x658/0xf8c kernel/locking/mutex.c:776) [<81ab5ebc>] (__mutex_lock.constprop.0) from [<81ab6f1c>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c9a4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea74de08 r4:00000000 [<81ab6f08>] (__mutex_lock_slowpath) from [<81ab6f5c>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81ab6f20>] (mutex_lock) from [<804f4350>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2944) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cba9c0 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85debc00 r7:00000000 r6:83018400 r5:00001000 r4:7f04f000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:e02af000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d93394 r4:85cfc400 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d93394 r4:85cfc400 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85debc00 r8:85cfc42c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cfc400 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cfc400 r8:802762fc r7:ea635e60 r6:85cfc480 r5:85debc00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea74dfb0 to 0xea74dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85cf6e40 INFO: task kworker/0:184:4681 is blocked on a mutex likely owned by task kworker/0:178:4658. task:kworker/0:178 state:R running task stack:0 pid:4658 tgid:4658 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81ab1a5c>] (__schedule) from [<81ab313c>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7190) r10:8280c9f8 r9:85a12400 r8:80200c04 r7:ea7bdd54 r6:ffffffff r5:85a12400 r4:00000000 [<81ab30fc>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xea7bdd20 to 0xea7bdd68) dd20: e1b84000 ebda7000 00000001 80239018 7f045000 00000001 82ace204 82acd5e0 dd40: 7f045000 ebda7000 8280c9f8 ea7bdd9c ea7bdda0 ea7bdd70 8022fe10 80239030 dd60: 80000113 ffffffff r5:80000113 r4:80239030 [<8022fdac>] (flush_tlb_kernel_range) from [<804f4114>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2369) r4:82ace224 [<804f3e90>] (__purge_vmap_area_lazy) from [<804f44cc>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2983) r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea7bddc0 r5:ea7bde08 r4:ea7bddc0 [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f42e8>] (_vm_unmap_aliases) from [<804f8138>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83016170 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85cd5800 r4:00000000 [<804f7fcc>] (vfree) from [<80563f44>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83018405 r8:85a12400 r7:00000000 r6:83018400 r5:00001000 r4:7f061000 [<80563f14>] (execmem_free) from [<803cb234>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea521000 [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803cb224>] (bpf_jit_free_exec) from [<803cb614>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1237) [<803cb5ac>] (bpf_jit_free) from [<803cc73c>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85d9df94 r4:85cda000 [<803cc5fc>] (bpf_prog_free_deferred) from [<80275db8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3257) r7:dddcfb40 r6:83018400 r5:85d9df94 r4:85cda000 [<80275c04>] (process_one_work) from [<802764f8>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80275c04>] (process_one_work) from [<802764f8>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3421) r10:61c88647 r9:85a12400 r8:85cda02c r7:82804d80 r6:dddcfb40 r5:dddcfb60 r4:85cda000 [<802762fc>] (worker_thread) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:85cda000 r8:802762fc r7:ea795e60 r6:85cda800 r5:85a12400 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea7bdfb0 to 0xea7bdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:85c99280 Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express Call trace: [<80201a74>] (dump_backtrace) from [<80201b70>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:00000000 r6:00000113 r5:60000193 r4:822957d8 [<80201b58>] (show_stack) from [<8021edec>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201b58>] (show_stack) from [<8021edec>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:120) [<8021ed7c>] (dump_stack_lvl) from [<8021ee10>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r5:00000000 r4:00000001 [<8021edf8>] (dump_stack) from [<81a9b540>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<81a9b3e0>] (nmi_cpu_backtrace) from [<81a9b68c>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8280c6d0 r5:8281af1c r4:ffffffff [<81a9b55c>] (nmi_trigger_cpumask_backtrace) from [<8022f818>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852) r9:00007bef r8:8280c850 r7:0001cce5 r6:00007bef r5:82ac27e4 r4:00000048 [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]) [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (__sys_info lib/sys_info.c:157 [inline]) [<8022f800>] (arch_trigger_cpumask_backtrace) from [<81aa319c>] (sys_info+0x68/0xa8 lib/sys_info.c:165) [<81aa3134>] (sys_info) from [<80383780>] (check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]) [<81aa3134>] (sys_info) from [<80383780>] (watchdog+0x464/0x8a0 kernel/hung_task.c:515) r5:82ac27e4 r4:8612d40c [<8038331c>] (watchdog) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:00000000 r8:8038331c r7:8332b080 r6:8332b080 r5:8321e000 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf8d9fb0 to 0xdf8d9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:832c0cc0 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 2819 Comm: pr/ttyAMA-1 Not tainted syzkaller #0 PREEMPT Hardware name: ARM-Versatile Express PC is at __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] PC is at _raw_spin_unlock_irqrestore+0x28/0x54 kernel/locking/spinlock.c:194 LR is at spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] LR is at __uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline] LR is at pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603 pc : [<81abc6b0>] lr : [<80aa3868>] psr: 600e0113 sp : eb17deb0 ip : eb17dec0 fp : eb17debc r10: 82959bc4 r9 : 00000001 r8 : 00000000 r7 : 00000117 r6 : 82959b28 r5 : 00000000 r4 : 00000001 r3 : 00000761 r2 : 00000000 r1 : 600e0113 r0 : 84148840 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 84f32800 DAC: 00000000 Call trace: [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]) [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (__uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline]) [<81abc688>] (_raw_spin_unlock_irqrestore) from [<80aa3868>] (pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603) [<80aa3848>] (pl011_console_device_unlock) from [<802e5720>] (nbcon_emit_one+0x88/0x100 kernel/printk/nbcon.c:1149) [<802e5698>] (nbcon_emit_one) from [<802e59a0>] (nbcon_kthread_func+0x208/0x2e4 kernel/printk/nbcon.c:1255) r6:82abf0fc r5:82959b28 r4:8387bc00 [<802e5798>] (nbcon_kthread_func) from [<8027f6fc>] (kthread+0x12c/0x280 kernel/kthread.c:463) r10:00000000 r9:82959b28 r8:802e5798 r7:84ae7e00 r6:84ae7e00 r5:8387bc00 r4:00000001 [<8027f5d0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xeb17dfb0 to 0xeb17dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f5d0 r4:830a0100