bisecting cause commit starting from d8be0e12a522d53a45f85fb241ffd06108d40b03 building syzkaller on 67b599d167ab42fff545ec53e23f2711c184877b testing commit d8be0e12a522d53a45f85fb241ffd06108d40b03 with gcc (GCC) 8.1.0 kernel signature: 5216dd2bb9b38dbc9d67dbb03dfb34d24c3f272f96484a9df863c716ecb44937 run #0: crashed: INFO: task hung in do_read_cache_page run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task can't die in wait_on_page_bit_common run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task can't die in blkdev_put run #5: crashed: INFO: task can't die in blkdev_put run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in truncate_inode_pages_range testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 54e90a666ed569127d72753d8e04f8fd442ad65e72416747c811e7e046e2efeb run #0: crashed: INFO: task hung in do_read_cache_page run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in truncate_inode_pages_range testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: 7c127da7ddbfd92f26bf10fba7e36a6d77a54118eb5d248b20b114d0a16d4ce0 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in do_read_cache_page run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: e0722c44778355eafd6e5be245fcdb8d6c870dfec00bbbe68f1b07f12aef8a9d run #0: crashed: INFO: task hung in do_read_cache_page run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: bb6cc35f52b9ebd482a244d10cf91f53e836e1e4aafcf5f9096ceeb945f6f943 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 9d149023df7d10d9247b6a27a98a5cc9dbe3f6a53715f00437a0eaf88270394c all runs: crashed: INFO: task hung in blkdev_put testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 11647b365c36a7d8fc656ac0d90f0f71d2d50e8a619009e5ab6b0d2e5dee9ddd all runs: OK # git bisect start 219d54332a09e8d8741c1e1982f5eae56099de85 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Bisecting: 7882 revisions left to test after this (roughly 13 steps) [a9f8b38a071b468276a243ea3ea5a0636e848cf2] Merge tag 'for-linus-5.4-1' of git://github.com/cminyard/linux-ipmi testing commit a9f8b38a071b468276a243ea3ea5a0636e848cf2 with gcc (GCC) 8.1.0 kernel signature: b2ee881598ecce722770c9284bea7474265b9141903f6df4344921d8a9ee778f run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad a9f8b38a071b468276a243ea3ea5a0636e848cf2 Bisecting: 3920 revisions left to test after this (roughly 12 steps) [fe38bd6862074c0a2b9be7f31f043aaa70b2af5f] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit fe38bd6862074c0a2b9be7f31f043aaa70b2af5f with gcc (GCC) 8.1.0 kernel signature: ec2404733583e9c6f2e8b7a0a6c9bc27c2c36d9f8dc3da9185bc4eb30d10cbf1 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad fe38bd6862074c0a2b9be7f31f043aaa70b2af5f Bisecting: 1970 revisions left to test after this (roughly 11 steps) [fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35] Merge branch 'x86-build-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35 with gcc (GCC) 8.1.0 kernel signature: 49f2bbc0a73e241f964c51bcc1a750883d037ca29b2c9e2f0643c775507656ed all runs: OK # git bisect good fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35 Bisecting: 1254 revisions left to test after this (roughly 10 steps) [ea982ba7f79141d86eb7a440fcba6796ed718b9b] Merge tag 'mmc-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc testing commit ea982ba7f79141d86eb7a440fcba6796ed718b9b with gcc (GCC) 8.1.0 kernel signature: 7d0a416e7e9031550a496ad68fcda15bdf07f1a56f8555e5ae41e66d57dae517 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad ea982ba7f79141d86eb7a440fcba6796ed718b9b Bisecting: 358 revisions left to test after this (roughly 9 steps) [6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a] Merge tag 'xtensa-20190917' of git://github.com/jcmvbkbc/linux-xtensa testing commit 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a with gcc (GCC) 8.1.0 kernel signature: bbc0497d9e503c75b0dc0d115695e72bda6316f6889412dddec725384bb96666 all runs: OK # git bisect good 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a Bisecting: 179 revisions left to test after this (roughly 8 steps) [21fa1004ff5d749c90cef77525b73a49ef5583dc] Merge branch 'nvme-5.4' of git://git.infradead.org/nvme into for-5.4/block testing commit 21fa1004ff5d749c90cef77525b73a49ef5583dc with gcc (GCC) 8.1.0 kernel signature: 66f011f9b2952c7b7c57602144eb0332a0783e932afcc5199dd42ef945a3028e run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 21fa1004ff5d749c90cef77525b73a49ef5583dc Bisecting: 89 revisions left to test after this (roughly 7 steps) [10407ec9b42d30a6ebc49f7f84e2bb2131438699] nvme-tcp: Use protocol specific operations while reading socket testing commit 10407ec9b42d30a6ebc49f7f84e2bb2131438699 with gcc (GCC) 8.1.0 kernel signature: ac22b27edbbd25f060e2ada0cb1227ad42ce8fb4b1c8aca3f85b158b6a51dffd run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in do_read_cache_page run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 10407ec9b42d30a6ebc49f7f84e2bb2131438699 Bisecting: 44 revisions left to test after this (roughly 6 steps) [5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960] block: sed-opal: Add/remove spaces testing commit 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960 with gcc (GCC) 8.1.0 kernel signature: de41d2cb5d64729cb7b881f6ea6d1b29a7f0ecfe7a8ebfbba2a4b80f16109a3f all runs: OK # git bisect good 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960 Bisecting: 22 revisions left to test after this (roughly 5 steps) [97b27821b4854ca744946dae32a3f2fd55bcd5bc] writeback, memcg: Implement foreign dirty flushing testing commit 97b27821b4854ca744946dae32a3f2fd55bcd5bc with gcc (GCC) 8.1.0 kernel signature: 189d63f0427c298ab515dac155a43afcbbeddb2af32fdd08a15cda0752a2439a run #0: crashed: INFO: task hung in do_read_cache_page run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 97b27821b4854ca744946dae32a3f2fd55bcd5bc Bisecting: 10 revisions left to test after this (roughly 4 steps) [d4b186ed227b80334abf1fe2c918c0ddc4374f38] null_blk: move duplicate code to callers testing commit d4b186ed227b80334abf1fe2c918c0ddc4374f38 with gcc (GCC) 8.1.0 kernel signature: c2520f7da71f4d4509210ec118162e090219ab7448bc1303683e3f6c1215e68b run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad d4b186ed227b80334abf1fe2c918c0ddc4374f38 Bisecting: 5 revisions left to test after this (roughly 3 steps) [887e975c4172d0d5670c39ead2f18ba1e4ec8133] nbd: add missing config put testing commit 887e975c4172d0d5670c39ead2f18ba1e4ec8133 with gcc (GCC) 8.1.0 kernel signature: 1f1b1fd791ecf5718ad49153001b97a28fdd2cce57f0b9dc039400ef75172baa all runs: OK # git bisect good 887e975c4172d0d5670c39ead2f18ba1e4ec8133 Bisecting: 2 revisions left to test after this (roughly 2 steps) [320ea869a12cec206756207c6ca5f817ec45c7f2] block: improve the gap check in __bio_add_pc_page testing commit 320ea869a12cec206756207c6ca5f817ec45c7f2 with gcc (GCC) 8.1.0 kernel signature: c622f539c9729059441dc8969f7a5e60bfb3db18c0a3074fecf81157b4d54989 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in do_read_cache_page run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 320ea869a12cec206756207c6ca5f817ec45c7f2 Bisecting: 0 revisions left to test after this (roughly 1 step) [e9e006f5fcf2bab59149cb38a48a4817c1b538b4] nbd: fix max number of supported devs testing commit e9e006f5fcf2bab59149cb38a48a4817c1b538b4 with gcc (GCC) 8.1.0 kernel signature: 2cd74ad4e6c7fbcd4ea38c378f5097c61ee55aee3b5143bfda9b1071b3b5da23 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad e9e006f5fcf2bab59149cb38a48a4817c1b538b4 Bisecting: 0 revisions left to test after this (roughly 0 steps) [2da22da573481cc4837e246d0eee4d518b3f715e] nbd: fix zero cmd timeout handling v2 testing commit 2da22da573481cc4837e246d0eee4d518b3f715e with gcc (GCC) 8.1.0 kernel signature: 4ef848bb15495ed1de8e1c7ab7adc0140c5395948b14da73fb986d32cb7448a3 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 2da22da573481cc4837e246d0eee4d518b3f715e 2da22da573481cc4837e246d0eee4d518b3f715e is the first bad commit commit 2da22da573481cc4837e246d0eee4d518b3f715e Author: Mike Christie Date: Tue Aug 13 11:39:52 2019 -0500 nbd: fix zero cmd timeout handling v2 This fixes a regression added in 4.9 with commit: commit 0eadf37afc2500e1162c9040ec26a705b9af8d47 Author: Josef Bacik Date: Thu Sep 8 12:33:40 2016 -0700 nbd: allow block mq to deal with timeouts where before the patch userspace would set the timeout to 0 to disable it. With the above patch, a zero timeout tells the block layer to use the default value of 30 seconds. For setups where commands can take a long time or experience transient issues like network disruptions this then results in IO errors being sent to the application. To fix this, the patch still uses the common block layer timeout framework, but if zero is set, nbd just logs a message and then resets the timer when it expires. Reviewed-by: Josef Bacik Signed-off-by: Mike Christie Signed-off-by: Jens Axboe drivers/block/nbd.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) culprit signature: 4ef848bb15495ed1de8e1c7ab7adc0140c5395948b14da73fb986d32cb7448a3 parent signature: 1f1b1fd791ecf5718ad49153001b97a28fdd2cce57f0b9dc039400ef75172baa revisions tested: 21, total time: 4h43m6.39273971s (build: 2h6m33.320813754s, test: 2h34m18.594895654s) first bad commit: 2da22da573481cc4837e246d0eee4d518b3f715e nbd: fix zero cmd timeout handling v2 recipients (to): ["axboe@kernel.dk" "josef@toxicpanda.com" "mchristi@redhat.com"] recipients (cc): [] crash: INFO: task hung in do_read_cache_page INFO: task systemd-udevd:9087 blocked for more than 143 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 9087 3914 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fa2a6850840 Code: Bad RIP value. RSP: 002b:00007fffdffcf1c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 0000564271744410 RCX: 00007fa2a6850840 RDX: 0000564270ecafe3 RSI: 00000000000a0800 RDI: 0000564271736cd0 RBP: 00007fffdffcf340 R08: 0000564270eca670 R09: 0000000000000010 R10: 0000564270ecad0c R11: 0000000000000246 R12: 00007fffdffcf290 R13: 000056427173b4d0 R14: 0000000000000003 R15: 000000000000000e INFO: task syz-executor.0:30047 blocked for more than 143 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.0 D28496 30047 6793 0x00000004 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x416ec1 Code: Bad RIP value. RSP: 002b:00007ffdef339010 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000416ec1 RDX: 0000001b2c320000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: 00007ffdef339100 R11: 0000000000000293 R12: 000000000118d940 R13: 000000000118d940 R14: ffffffffffffffff R15: 000000000118cfec INFO: lockdep is turned off. NMI backtrace for cpu 0 CPU: 0 PID: 1107 Comm: khungtaskd Not tainted 5.3.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x165/0x21a lib/dump_stack.c:113 nmi_cpu_backtrace.cold.0+0x49/0x86 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x194/0x1bd lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline] watchdog+0x6a3/0xb60 kernel/hung_task.c:289 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 7 Comm: kworker/u4:0 Not tainted 5.3.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: bat_events batadv_mcast_mla_update RIP: 0010:unwind_next_frame.part.5+0x10/0xa60 arch/x86/kernel/unwind_frame.c:260 Code: 81 c4 00 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 f4 8d 10 00 0f 1f 40 00 48 b8 00 00 00 00 00 fc ff df 55 48 89 e5 41 57 <41> 56 41 55 41 54 4c 8d a5 78 ff ff ff 49 c1 ec 03 53 48 89 fb 49 RSP: 0018:ffff8880a98af710 EFLAGS: 00000202 RAX: dffffc0000000000 RBX: ffff8880a98af740 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffffffff87200184 RDI: ffff8880a98af740 RBP: ffff8880a98af718 R08: 1ffff11015315ef2 R09: ffff8880a98af778 R10: ffff8880a98af6f0 R11: ffff8880a98af79f R12: ffff8880a98af7f8 R13: 0000000000000000 R14: ffff8880a98941c0 R15: ffff8880a2e2e1d7 FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ff94ed5f000 CR3: 0000000099d09000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: unwind_next_frame+0x35/0x40 arch/x86/kernel/unwind_frame.c:265 arch_stack_walk+0x84/0xf0 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0x82/0xb0 kernel/stacktrace.c:123 save_stack mm/kasan/common.c:69 [inline] set_track mm/kasan/common.c:77 [inline] __kasan_kmalloc.part.0+0x44/0xc0 mm/kasan/common.c:487 __kasan_kmalloc.constprop.1+0xb1/0xc0 mm/kasan/common.c:468 kasan_kmalloc+0x9/0x10 mm/kasan/common.c:501 kmem_cache_alloc_trace+0x162/0x410 mm/slab.c:3550 kmalloc include/linux/slab.h:552 [inline] batadv_mcast_mla_softif_get_ipv6 net/batman-adv/multicast.c:477 [inline] batadv_mcast_mla_softif_get net/batman-adv/multicast.c:536 [inline] __batadv_mcast_mla_update net/batman-adv/multicast.c:911 [inline] batadv_mcast_mla_update+0xe94/0x2f80 net/batman-adv/multicast.c:948 process_one_work+0x7d2/0x1560 kernel/workqueue.c:2269 worker_thread+0x85/0xb60 kernel/workqueue.c:2415 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352