bisecting fixing commit since c98875d930e915d01e8c40c7d3c16f00b3c8abe1
building syzkaller on 53199d6e8aee5f0ebd3775d2b1c674f4e6e64e2b
testing commit c98875d930e915d01e8c40c7d3c16f00b3c8abe1 with gcc (GCC) 8.4.1 20210217
kernel signature: 2384b2413b3e30009dac5642db10b433f0d691ed362df34bf90adec2c3731eaf
all runs: crashed: INFO: task hung in aead_recvmsg
testing current HEAD eb575cd5d7f60241d016fdd13a9e86d962093c9b
testing commit eb575cd5d7f60241d016fdd13a9e86d962093c9b with gcc (GCC) 8.4.1 20210217
kernel signature: bbb4c621605f6a40a8678c7d1638990c29731887d288c0bbd22b86c5e2e0f8f4
all runs: crashed: INFO: task hung in aead_recvmsg
revisions tested: 2, total time: 34m12.58666213s (build: 19m33.450213583s, test: 14m3.28806889s)
the crash still happens on HEAD
commit msg: Linux 4.19.195
crash: INFO: task hung in aead_recvmsg
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
8021q: adding VLAN 0 to HW filter on device batadv0
INFO: task syz-executor.1:6709 blocked for more than 140 seconds.
Not tainted 4.19.195-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D27656 6709 5634 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f3eca249198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f3eca2496bc INFO: task syz-executor.1:6723 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.1 D27416 6723 5634 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f3eca228198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bfa0 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f3eca2286bc INFO: task syz-executor.3:6710 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.3 D27656 6710 5633 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f663db3c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f663db3c6bc INFO: task syz-executor.3:6730 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.3 D27416 6730 5633 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f663db1b198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bfa0 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f663db1b6bc INFO: task syz-executor.4:6713 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.4 D27656 6713 5639 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007fec10a0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007fec10a0c6bc INFO: task syz-executor.4:6731 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.4 D27416 6731 5639 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007fec109eb198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bfa0 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007fec109eb6bc INFO: task syz-executor.5:6716 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.5 D27656 6716 5638 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f1f795e8198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f1f795e86bc INFO: task syz-executor.5:6732 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.5 D27416 6732 5638 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f1f795c7198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bfa0 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f1f795c76bc INFO: task syz-executor.0:6752 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.0 D27416 6752 5637 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. RSP: 002b:00007f76bb361198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007f76bb3616bc INFO: task syz-executor.2:6755 blocked for more than 140 seconds. Not tainted 4.19.195-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 
syz-executor.2 D27416 6755 5631 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0xdbb/0x1d60 kernel/sched/core.c:3517 schedule+0x7f/0x1b0 kernel/sched/core.c:3561 schedule_timeout+0x6e3/0xe00 kernel/time/timer.c:1794 do_wait_for_common kernel/sched/completion.c:83 [inline] __wait_for_common kernel/sched/completion.c:104 [inline] wait_for_common kernel/sched/completion.c:115 [inline] wait_for_completion+0x282/0x460 kernel/sched/completion.c:136 crypto_wait_req include/linux/crypto.h:517 [inline] _aead_recvmsg crypto/algif_aead.c:314 [inline] aead_recvmsg+0x1144/0x1fb0 crypto/algif_aead.c:335 sock_recvmsg_nosec net/socket.c:795 [inline] sock_recvmsg net/socket.c:802 [inline] sock_recvmsg+0xb9/0xf0 net/socket.c:798 sock_read_iter+0x252/0x440 net/socket.c:879 call_read_iter include/linux/fs.h:1815 [inline] do_iter_readv_writev+0x3f2/0x960 fs/read_write.c:679 do_iter_read+0x1e0/0x5a0 fs/read_write.c:923 vfs_readv+0xc9/0x130 fs/read_write.c:987 do_readv+0x110/0x330 fs/read_write.c:1020 __do_sys_readv fs/read_write.c:1107 [inline] __se_sys_readv fs/read_write.c:1104 [inline] __x64_sys_readv+0x70/0xb0 fs/read_write.c:1104 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4603b9 Code: Bad RIP value. 
RSP: 002b:00007fd7cdea2198 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004603b9 RDX: 0000000000000001 RSI: 00000000200007c0 RDI: 0000000000000004 RBP: 00000000004a9a99 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000000003 R14: 00000000004b129a R15: 00007fd7cdea26bc Showing all locks held in the system: 1 lock held by khungtaskd/1042: #0: 000000002ba4bc9a (rcu_read_lock){....}, at: debug_show_all_locks+0x5b/0x27a kernel/locking/lockdep.c:4443 1 lock held by in:imklog/5310: 2 locks held by kworker/u4:5/6563: #0: 00000000b59a3a40 (&rq->lock){-.-.}, at: idle_balance kernel/sched/fair.c:9702 [inline] #0: 00000000b59a3a40 (&rq->lock){-.-.}, at: pick_next_task_fair+0xf37/0x1560 kernel/sched/fair.c:6841 #1: 000000002ba4bc9a (rcu_read_lock){....}, at: __update_idle_core+0x45/0x3f0 kernel/sched/fair.c:6057 1 lock held by syz-executor.1/6709: #0: 0000000041e341a1 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 0000000041e341a1 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.1/6723: #0: 00000000b174bd5a (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000b174bd5a (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.3/6710: #0: 00000000cbd67870 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000cbd67870 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.3/6730: #0: 00000000c0756b05 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000c0756b05 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.4/6713: #0: 00000000cea65ab1 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 
00000000cea65ab1 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.4/6731: #0: 00000000798efa32 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000798efa32 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.5/6716: #0: 0000000034f9570f (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 0000000034f9570f (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.5/6732: #0: 00000000f4e9b352 (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000f4e9b352 (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.0/6752: #0: 00000000c95dbb2a (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000c95dbb2a (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.2/6755: #0: 00000000ed2b105c (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000ed2b105c (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 1 lock held by syz-executor.2/6764: #0: 00000000fb60236e (sk_lock-AF_ALG){+.+.}, at: lock_sock include/net/sock.h:1510 [inline] #0: 00000000fb60236e (sk_lock-AF_ALG){+.+.}, at: af_alg_wait_for_data+0x1b3/0x440 crypto/af_alg.c:774 ============================================= NMI backtrace for cpu 1 CPU: 1 PID: 1042 Comm: khungtaskd Not tainted 4.19.195-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x123/0x171 lib/dump_stack.c:118 nmi_cpu_backtrace.cold.4+0x3e/0x76 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0xe6/0x120 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 
arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline] watchdog+0x5c3/0xb40 kernel/hung_task.c:287 kthread+0x34a/0x410 kernel/kthread.c:259 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:415 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 PID: 5311 Comm: rs:main Q:Reg Not tainted 4.19.195-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:preempt_count_sub+0x6a/0x150 kernel/sched/core.c:3274 Code: 75 18 65 8b 05 87 67 bf 7e 25 ff ff ff 7f 39 c3 7f 1b 81 fb fe 00 00 00 76 6e 65 8b 05 6f 67 bf 7e f7 db 65 01 1d 66 67 bf 7e <5b> 5d c3 e8 de 73 ac 01 85 c0 74 f4 48 c7 c7 c0 2f d7 89 48 b8 00 RSP: 0018:ffff8881dc70f808 EFLAGS: 00000293 RAX: 0000000080000002 RBX: 00000000ffffffff RCX: 0000000000000000 RDX: 0000000000000004 RSI: ffffffff871e5d60 RDI: ffffffff89c876e0 RBP: ffff8881dc70f810 R08: ffffed103ed04733 R09: ffffed103ed04732 R10: ffffed103ed04732 R11: ffff8881f6823993 R12: dffffc0000000000 R13: ffffffff87d85f00 R14: ffffffff8819c1c0 R15: ffffffff8819c1c0 FS: 00007f207a115700(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f3f8421c000 CR3: 00000001eae61001 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1081 [inline] rcu_lockdep_current_cpu_online+0x14a/0x1d0 kernel/rcu/tree.c:1068 rcu_read_lock_sched_held+0x96/0x120 kernel/rcu/update.c:115 trace_writeback_dirty_inode_start include/trace/events/writeback.h:120 [inline] __mark_inode_dirty+0x6ca/0xd80 fs/fs-writeback.c:2178 mark_inode_dirty include/linux/fs.h:2086 [inline] __generic_write_end+0x129/0x190 fs/buffer.c:2129 generic_write_end+0x46/0x70 fs/buffer.c:2174 ext4_da_write_end+0x2ba/0xa20 
fs/ext4/inode.c:3201 generic_perform_write+0x349/0x490 mm/filemap.c:3181 __generic_file_write_iter+0x205/0x590 mm/filemap.c:3295 ext4_file_write_iter+0x282/0xe60 fs/ext4/file.c:272 call_write_iter include/linux/fs.h:1821 [inline] new_sync_write fs/read_write.c:474 [inline] __vfs_write+0x44b/0x890 fs/read_write.c:487 vfs_write+0x150/0x4d0 fs/read_write.c:549 ksys_write+0x103/0x260 fs/read_write.c:599 __do_sys_write fs/read_write.c:611 [inline] __se_sys_write fs/read_write.c:608 [inline] __x64_sys_write+0x6e/0xb0 fs/read_write.c:608 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f207cb591cd Code: c2 20 00 00 75 10 b8 01 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 ae fc ff ff 48 89 04 24 b8 01 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 f7 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 RSP: 002b:00007f207a114590 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f2070007260 RCX: 00007f207cb591cd RDX: 00000000000004be RSI: 00007f2070007260 RDI: 0000000000000009 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000293 R12: 00007f2070006fc0 R13: 00007f207a1145b0 R14: 000055aeddd6a7c0 R15: 00000000000004be