bisecting cause commit starting from 4442749a203151a319a5bb8d0b983b84253a6931 building syzkaller on abf9ba4fc75d9b29af15625d44dcfc1360fad3b7 testing commit 4442749a203151a319a5bb8d0b983b84253a6931 with gcc (GCC) 8.1.0 kernel signature: ec1cf6d31b0403c18ee2b4b7b89898dfddd71edabc8db53fe0675bf7bd090722 all runs: crashed: INFO: task can't die in io_finish_async testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 504c3e725738384ade30dd4933426e3458bf4c3541de23efc9911f03c10ace7e all runs: OK # git bisect start 4442749a203151a319a5bb8d0b983b84253a6931 bcf876870b95592b52519ed4aafcf9d95999bc9c Bisecting: 9560 revisions left to test after this (roughly 13 steps) [d6efb3ac3e6c19ab722b28bdb9252bae0b9676b6] Merge tag 'tty-5.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty testing commit d6efb3ac3e6c19ab722b28bdb9252bae0b9676b6 with gcc (GCC) 8.1.0 kernel signature: 7de1b27d2f6b34c245a5fc29cfec638cd2a8cc3698fd1669092e2bbb387cdc24 all runs: OK # git bisect good d6efb3ac3e6c19ab722b28bdb9252bae0b9676b6 Bisecting: 4787 revisions left to test after this (roughly 12 steps) [0063a82de937433ccfffe123e12b4503b9155c96] Merge tag 'sched-urgent-2020-08-30' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 0063a82de937433ccfffe123e12b4503b9155c96 with gcc (GCC) 8.1.0 kernel signature: 643d1e0db8a5ce91fa1f86b8ba5069383153235fd0851e65ff42066e4a541f22 all runs: OK # git bisect good 0063a82de937433ccfffe123e12b4503b9155c96 Bisecting: 2342 revisions left to test after this (roughly 11 steps) [501c4123d9ecf8e38425fa2dae591d87f18a33f9] Merge remote-tracking branch 'wireless-drivers-next/master' into master testing commit 501c4123d9ecf8e38425fa2dae591d87f18a33f9 with gcc (GCC) 8.1.0 kernel signature: 5792b6a3af9c09cd30cb363bf97ccae3acdb857b95d2e3cc64a8c8f59c5d66b0 all runs: OK # git bisect good 501c4123d9ecf8e38425fa2dae591d87f18a33f9 Bisecting: 1187 revisions left to test after this (roughly 10 steps) [571a89375d9c25d2a8a2475fdcbb07012397ebea] Merge remote-tracking branch 'battery/for-next' into master testing commit 571a89375d9c25d2a8a2475fdcbb07012397ebea with gcc (GCC) 8.1.0 kernel signature: 27c015b0faf0c69167c702e4439438c30063776d048672a46f800535cff37ded all runs: crashed: INFO: task hung in io_finish_async # git bisect bad 571a89375d9c25d2a8a2475fdcbb07012397ebea Bisecting: 425 revisions left to test after this (roughly 9 steps) [9f157e0b004231d2dcd32b0be9f4ac0c82aa3bd9] Merge remote-tracking branch 'amdgpu/drm-next' into master testing commit 9f157e0b004231d2dcd32b0be9f4ac0c82aa3bd9 with gcc (GCC) 8.1.0 kernel signature: ed85339e230b7a600e247c4e46cb24ee70dc77966ee70d5c604c7a9c2376fab1 all runs: OK # git bisect good 9f157e0b004231d2dcd32b0be9f4ac0c82aa3bd9 Bisecting: 247 revisions left to test after this (roughly 8 steps) [c931ccf0ad38398554a565a665e063d03bfb27a1] Merge remote-tracking branch 'asoc/for-5.10' into asoc-next testing commit c931ccf0ad38398554a565a665e063d03bfb27a1 with gcc (GCC) 8.1.0 kernel signature: 5ed29ca0c38cc6cbc31d40904bb61cd03060db573e9546f95b55cd80877cada3 all runs: OK # git bisect good c931ccf0ad38398554a565a665e063d03bfb27a1 Bisecting: 155 revisions left to test after this (roughly 7 steps) [8b02ee3c462859fc17c22f0407bea6c03cab768c] Merge remote-tracking branch 'input/next' into master testing commit 8b02ee3c462859fc17c22f0407bea6c03cab768c with gcc (GCC) 8.1.0 kernel signature: 5dca9083d0c56eb53b0f8415451adc0ffc25625c421265b116eea69fe3658213 all runs: OK # git bisect good 8b02ee3c462859fc17c22f0407bea6c03cab768c Bisecting: 76 revisions left to test after this (roughly 6 steps) [4b60276576dccbbbfa90e25407f2d958dcde1793] Merge branch 'for-5.10/io_uring' into for-next testing commit 4b60276576dccbbbfa90e25407f2d958dcde1793 with gcc (GCC) 8.1.0 kernel signature: 2dd2db9f1dae7335197b265aef5de8164c261dd7677e6c9d36e36599b88cc557 all runs: crashed: INFO: task hung in io_finish_async # git bisect bad 4b60276576dccbbbfa90e25407f2d958dcde1793 Bisecting: 39 revisions left to test after this (roughly 5 steps) [7cf34d97ab45203b975396393ded9d3867dfa8bf] block: remove the discard_alignment field from struct hd_struct testing commit 7cf34d97ab45203b975396393ded9d3867dfa8bf with gcc (GCC) 8.1.0 kernel signature: 590ad9c0ead26f0e3c451b74ac4c0043224d9f22de63bb48b22c3ec5aef8e61f all runs: OK # git bisect good 7cf34d97ab45203b975396393ded9d3867dfa8bf Bisecting: 19 revisions left to test after this (roughly 4 steps) [93f7d2db80e4aea2731619d7b907a029e0d14259] blk-iocost: restructure surplus donation logic testing commit 93f7d2db80e4aea2731619d7b907a029e0d14259 with gcc (GCC) 8.1.0 kernel signature: aa66f13a7d7712b0302a2acc5d7d059be58dde89255ba4789e52561c80836dc4 all runs: OK # git bisect good 93f7d2db80e4aea2731619d7b907a029e0d14259 Bisecting: 9 revisions left to test after this (roughly 3 steps) [a7863b3423fd5d1ab82161654ba83973764b570b] blk-iocost: update iocost_monitor.py testing commit a7863b3423fd5d1ab82161654ba83973764b570b with gcc (GCC) 8.1.0 kernel signature: 697691b8816017d42a313742cacac00eab5e5cbeb18b523bbf0136ada42112fd all runs: OK # git bisect good a7863b3423fd5d1ab82161654ba83973764b570b Bisecting: 4 revisions left to test after this (roughly 2 steps) [59f1a56b370813ef315189eedc88ae45fd7a1f5e] io_wq: Make io_wqe::lock a raw_spinlock_t testing commit 59f1a56b370813ef315189eedc88ae45fd7a1f5e with gcc (GCC) 8.1.0 kernel signature: 2d9fdf66d2943cf3b87b96d4f869f808cab395014bd7782202d519516bce2dba all runs: crashed: INFO: task hung in io_finish_async # git bisect bad 59f1a56b370813ef315189eedc88ae45fd7a1f5e Bisecting: 2 revisions left to test after this (roughly 1 step) [793658bdb550800904bfa954d418abb72b0e7b24] io_uring: use an enumeration for io_uring_register(2) opcodes testing commit 793658bdb550800904bfa954d418abb72b0e7b24 with gcc (GCC) 8.1.0 kernel signature: b665e912cbee0098cc7b313869ee6f6b32c286c504c6a95bd03e8209ed8d10fe all runs: OK # git bisect good 793658bdb550800904bfa954d418abb72b0e7b24 Bisecting: 0 revisions left to test after this (roughly 1 step) [dfe127799f8e663c7e3e48b5275ca538b278177b] io_uring: allow disabling rings during the creation testing commit dfe127799f8e663c7e3e48b5275ca538b278177b with gcc (GCC) 8.1.0 kernel signature: 779c877e5ff1818bb850aadae3a9d37847d74c106d81729248ef584554b47b63 all runs: crashed: INFO: task hung in io_finish_async # git bisect bad dfe127799f8e663c7e3e48b5275ca538b278177b Bisecting: 0 revisions left to test after this (roughly 0 steps) [1748079a2c19eb69b3af33bfadc1100c5b1ddc14] io_uring: add IOURING_REGISTER_RESTRICTIONS opcode testing commit 1748079a2c19eb69b3af33bfadc1100c5b1ddc14 with gcc (GCC) 8.1.0 kernel signature: aa2ff9e7d6549af04a781c8f4e08c2b57b079249734e98d6ffd949ccbe74876b all runs: OK # git bisect good 1748079a2c19eb69b3af33bfadc1100c5b1ddc14 dfe127799f8e663c7e3e48b5275ca538b278177b is the first bad commit commit dfe127799f8e663c7e3e48b5275ca538b278177b Author: Stefano Garzarella Date: Thu Aug 27 16:58:31 2020 +0200 io_uring: allow disabling rings during the creation This patch adds a new IORING_SETUP_R_DISABLED flag to start the rings disabled, allowing the user to register restrictions, buffers, files, before to start processing SQEs. When IORING_SETUP_R_DISABLED is set, SQE are not processed and SQPOLL kthread is not started. The restrictions registration are allowed only when the rings are disable to prevent concurrency issue while processing SQEs. The rings can be enabled using IORING_REGISTER_ENABLE_RINGS opcode with io_uring_register(2). Suggested-by: Jens Axboe Signed-off-by: Stefano Garzarella Reviewed-by: Kees Cook Signed-off-by: Jens Axboe fs/io_uring.c | 52 +++++++++++++++++++++++++++++++++++++------ include/uapi/linux/io_uring.h | 2 ++ 2 files changed, 47 insertions(+), 7 deletions(-) culprit signature: 779c877e5ff1818bb850aadae3a9d37847d74c106d81729248ef584554b47b63 parent signature: aa2ff9e7d6549af04a781c8f4e08c2b57b079249734e98d6ffd949ccbe74876b revisions tested: 17, total time: 3h47m50.574341855s (build: 1h19m32.850518396s, test: 2h26m32.588590668s) first bad commit: dfe127799f8e663c7e3e48b5275ca538b278177b io_uring: allow disabling rings during the creation recipients (to): ["axboe@kernel.dk" "keescook@chromium.org" "sgarzare@redhat.com"] recipients (cc): [] crash: INFO: task hung in io_finish_async INFO: task syz-executor.3:8271 blocked for more than 143 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.3 state:D stack:14200 pid: 8271 ppid: 6956 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007f9d96f9dbf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118cf98 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task syz-executor.3:8278 blocked for more than 143 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.3 state:D stack:14200 pid: 8278 ppid: 6956 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007f9d96f7cbf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118d038 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task io_uring-sq:8272 blocked for more than 143 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:io_uring-sq state:D stack:15360 pid: 8272 ppid: 2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 kthread+0xe4/0x170 kernel/kthread.c:285 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.5:8274 blocked for more than 143 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.5 state:D stack:14616 pid: 8274 ppid: 6966 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007fbd48686bf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118cf98 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task syz-executor.5:8291 blocked for more than 143 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.5 state:D stack:14696 pid: 8291 ppid: 6966 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007fbd48665bf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118d038 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task io_uring-sq:8275 blocked for more than 144 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:io_uring-sq state:D stack:15360 pid: 8275 ppid: 2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 kthread+0xe4/0x170 kernel/kthread.c:285 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task io_uring-sq:8279 blocked for more than 144 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:io_uring-sq state:D stack:15360 pid: 8279 ppid: 2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 kthread+0xe4/0x170 kernel/kthread.c:285 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 INFO: task syz-executor.0:8284 blocked for more than 144 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:14504 pid: 8284 ppid: 6963 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007fb5e6a7fbf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118cf98 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task syz-executor.0:8303 blocked for more than 144 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:14696 pid: 8303 ppid: 6963 flags:0x00004004 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_timeout+0x224/0x2d0 kernel/time/timer.c:1855 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common kernel/sched/completion.c:106 [inline] wait_for_common kernel/sched/completion.c:117 [inline] wait_for_completion+0xa7/0x110 kernel/sched/completion.c:138 io_sq_thread_stop fs/io_uring.c:6900 [inline] io_finish_async+0x1a/0x60 fs/io_uring.c:6914 io_sq_offload_create fs/io_uring.c:7589 [inline] io_uring_create fs/io_uring.c:8665 [inline] io_uring_setup+0xc87/0xca0 fs/io_uring.c:8738 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45d5b9 Code: Bad RIP value. RSP: 002b:00007fb5e6a5ebf8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9 RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 000000000045d5b9 RDX: 0000000020ffa000 RSI: 0000000020000100 RDI: 0000000000003ffe RBP: 000000000118d038 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020ffa000 R13: 0000000020ff9000 R14: 0000000000000000 R15: 0000000000000000 INFO: task io_uring-sq:8285 blocked for more than 144 seconds. Not tainted 5.9.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:io_uring-sq state:D stack:15360 pid: 8285 ppid: 2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:3778 [inline] __schedule+0x404/0x8a0 kernel/sched/core.c:4527 schedule+0x37/0xe0 kernel/sched/core.c:4602 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:4661 kthread+0xe4/0x170 kernel/kthread.c:285 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Showing all locks held in the system: 2 locks held by kworker/u4:4/549: #0: ffff88812c12dbd8 (&rq->lock){-.-.}-{2:2}, at: newidle_balance+0x430/0x630 kernel/sched/fair.c:10555 #1: ffffffff842f5dc0 (rcu_read_lock){....}-{1:2}, at: __update_idle_core+0x0/0x200 kernel/sched/fair.c:5211 1 lock held by khungtaskd/1171: #0: ffffffff842f5dc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x15/0x17a kernel/locking/lockdep.c:5830 1 lock held by systemd-journal/3908: #0: ffff88812c12dbd8 (&rq->lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1292 [inline] #0: ffff88812c12dbd8 (&rq->lock){-.-.}-{2:2}, at: __schedule+0x10b/0x8a0 kernel/sched/core.c:4445 1 lock held by in:imklog/6380: #0: ffff8881202a1ef0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x45/0x50 fs/file.c:930 ============================================= NMI backtrace for cpu 0 CPU: 0 PID: 1171 Comm: khungtaskd Not tainted 5.9.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 nmi_cpu_backtrace.cold.8+0x3e/0x58 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0xd5/0xec lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline] watchdog+0x58e/0x680 kernel/hung_task.c:295 kthread+0x148/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 549 Comm: kworker/u4:4 Not tainted 5.9.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_tt_purge RIP: 0010:__lock_acquire+0x475/0x16e0 kernel/locking/lockdep.c:4416 Code: 85 48 05 00 00 4c 89 e8 44 89 6c 24 18 48 c1 e8 20 89 c1 89 44 24 20 44 01 e8 c1 c1 04 89 44 24 28 89 4c 24 30 48 83 3c 24 00 <74> 69 65 4c 8b 34 25 c0 7e 01 00 41 8b 96 e0 08 00 00 45 31 ed 49 RSP: 0018:ffffc9000152fcd0 EFLAGS: 00000046 RAX: 00000000b90161eb RBX: 0000000000000825 RCX: 00000000e7120ca3 RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 RBP: ffff88812b240380 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: bea883e0682e68b8 R12: ffff88812b240cb8 R13: 3e7120ca7a904121 R14: 0000000000000004 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff88812c100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fdaba3b6000 CR3: 000000011f0c2000 CR4: 00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: lock_acquire+0xd7/0x3e0 kernel/locking/lockdep.c:5006 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:175 spin_lock_bh include/linux/spinlock.h:359 [inline] batadv_tt_global_purge net/batman-adv/translation-table.c:2511 [inline] batadv_tt_purge+0x63/0x280 net/batman-adv/translation-table.c:3802 process_one_work+0x26a/0x5f0 kernel/workqueue.c:2269 worker_thread+0x38/0x380 kernel/workqueue.c:2415 kthread+0x148/0x170 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294