INFO: task kworker/0:45:4245 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:45 state:D stack:0 pid:4245 tgid:4245 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:df9e1da4 r5:84e60c00 r4:84e60c00 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e60c00 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:df9e1e20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e4a140 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e60c00 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f04b000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:dfe1f000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84db8354 r4:84db8000 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:dddd0000 r6:82c16000 r5:84db8354 r4:84e4b780 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e60c00 r9:84e4b7ac r8:61c88647 r7:dddd0020 r6:82604d40 r5:dddd0000 r4:84e4b780 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:df9a5e78 r8:84e92c00 r7:84e4b780 r6:80266900 r5:84e60c00 r4:84e92b80 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf9e1fb0 to 0xdf9e1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e92b80 INFO: task kworker/1:54:4285 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:54 state:D stack:0 pid:4285 tgid:4285 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:dfda5da4 r5:84e59800 r4:84e59800 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e59800 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfda5e20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84ccac00 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e59800 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f041000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:dfd93000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84ec4b54 r4:84ec4800 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:ddde4000 r6:82c16200 r5:84ec4b54 r4:84e2ad80 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e59800 r9:84e2adac r8:61c88647 r7:ddde4020 r6:82604d40 r5:ddde4000 r4:84e2ad80 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:dfd05e78 r8:84e46840 r7:84e2ad80 r6:80266900 r5:84e59800 r4:84e46640 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfda5fb0 to 0xdfda5ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e46640 INFO: task kworker/1:55:4286 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:55 state:D stack:0 pid:4286 tgid:4286 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:dfdd9da4 r5:84e5a400 r4:84e5a400 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e5a400 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfdd9e20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e46280 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e5a400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f049000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:dfdff000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84db1754 r4:84db1400 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:ddde4000 r6:82c16200 r5:84db1754 r4:84e2ae00 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e5a400 r9:84e2ae2c r8:61c88647 r7:ddde4020 r6:82604d40 r5:ddde4000 r4:84e2ae00 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:dfd05e78 r8:84e46d00 r7:84e2ae00 r6:80266900 r5:84e5a400 r4:84e46640 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfdd9fb0 to 0xdfdd9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e46640 INFO: task kworker/1:56:4291 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:56 state:D stack:0 pid:4291 tgid:4291 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:dfd0dda4 r5:84e5b000 r4:84e5b000 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e5b000 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfd0de20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e457c0 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e5b000 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f013000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:df99b000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84dba354 r4:84dba000 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:ddde4000 r6:82c16200 r5:84dba354 r4:84e2ae80 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e5b000 r9:84e2aeac r8:61c88647 r7:ddde4020 r6:82604d40 r5:ddde4000 r4:84e2ae80 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:dfd05e78 r8:84e4a480 r7:84e2ae80 r6:80266900 r5:84e5b000 r4:84e4a500 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfd0dfb0 to 0xdfd0dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e4a500 INFO: task kworker/0:54:4292 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:54 state:D stack:0 pid:4292 tgid:4292 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:dfdfdda4 r5:84e6bc00 r4:84e6bc00 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e6bc00 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfdfde20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e46440 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e6bc00 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f04d000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:dfe4f000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84db9354 r4:84db9000 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:dddd0000 r6:82c16000 r5:84db9354 r4:84e4bc00 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e6bc00 r9:84e4bc2c r8:61c88647 r7:dddd0020 r6:82604d40 r5:dddd0000 r4:84e4bc00 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:dfcd5e78 r8:84e4d440 r7:84e4bc00 r6:80266900 r5:84e6bc00 r4:84e4d3c0 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfdfdfb0 to 0xdfdfdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e4d3c0 INFO: task kworker/1:57:4293 blocked for more than 430 seconds. Not tainted 6.11.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:57 state:D stack:0 pid:4293 tgid:4293 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81975264>] (__schedule) from [<81975dfc>] (__schedule_loop kernel/sched/core.c:6606 [inline]) [<81975264>] (__schedule) from [<81975dfc>] (schedule+0x2c/0xfc kernel/sched/core.c:6621) r10:8260ca7c r9:00000000 r8:82714ab8 r7:00000002 r6:dfe5dda4 r5:84e6a400 r4:84e6a400 [<81975dd0>] (schedule) from [<819761b0>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6678) r5:84e6a400 r4:82714ab4 [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<81976198>] (schedule_preempt_disabled) from [<81978c88>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<819789a0>] (__mutex_lock.constprop.0) from [<81979554>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:8260ca7c r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfe5de20 r4:00000000 [<81979540>] (__mutex_lock_slowpath) from [<81979594>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<81979558>] (mutex_lock) from [<804a5f80>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2846) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vm_reset_perms mm/vmalloc.c:3275 [inline]) [<804a5f18>] (_vm_unmap_aliases) from [<804a9cd8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3354) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e45500 r4:00000000 [<804a9b68>] (vfree) from [<804facec>] (execmem_free+0x30/0x64 mm/execmem.c:69) r9:84e6a400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f04f000 [<804facbc>] (execmem_free) from [<8039381c>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1072) r5:00001000 r4:dfe95000 [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_binary_free kernel/bpf/core.c:1118 [inline]) [<8039380c>] (bpf_jit_free_exec) from [<80393bfc>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1241) [<80393b94>] (bpf_jit_free) from [<80394d38>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2800) r5:84db9f54 r4:84db9c00 [<80394bec>] (bpf_prog_free_deferred) from [<80265f08>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3231) r7:ddde4000 r6:82c16200 r5:84db9f54 r4:84e2af00 [<80265d54>] (process_one_work) from [<80266aec>] (process_scheduled_works kernel/workqueue.c:3312 [inline]) [<80265d54>] (process_one_work) from [<80266aec>] (worker_thread+0x1ec/0x3f4 kernel/workqueue.c:3390) r10:84e6a400 r9:84e2af2c r8:61c88647 r7:ddde4020 r6:82604d40 r5:ddde4000 r4:84e2af00 [<80266900>] (worker_thread) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:dfd0de78 r8:84e4d500 r7:84e2af00 r6:80266900 r5:84e6a400 r4:84e4a0c0 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfe5dfb0 to 0xdfe5dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:84e4a0c0 NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.11.0-rc1-syzkaller #0 Hardware name: ARM-Versatile Express Call trace: [<81953788>] (dump_backtrace) from [<81953884>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:00000000 r6:00000113 r5:60000193 r4:8200ba44 [<8195386c>] (show_stack) from [<81971574>] (__dump_stack lib/dump_stack.c:93 [inline]) [<8195386c>] (show_stack) from [<81971574>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:119) [<81971504>] (dump_stack_lvl) from [<81971598>] (dump_stack+0x18/0x1c lib/dump_stack.c:128) r5:00000000 r4:00000001 [<81971580>] (dump_stack) from [<81940a94>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<81940934>] (nmi_cpu_backtrace) from [<81940be0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8260c5d0 r5:8261a88c r4:ffffffff [<81940ab0>] (nmi_trigger_cpumask_backtrace) from [<802103c8>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851) r9:000081d9 r8:828b10f0 r7:8260c734 r6:00007d57 r5:8261ae48 r4:850af91c [<802103b0>] (arch_trigger_cpumask_backtrace) from [<80350c74>] (trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]) [<802103b0>] (arch_trigger_cpumask_backtrace) from [<80350c74>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]) [<802103b0>] (arch_trigger_cpumask_backtrace) from [<80350c74>] (watchdog+0x498/0x5b8 kernel/hung_task.c:379) [<803507dc>] (watchdog) from [<8026fb44>] (kthread+0x104/0x134 kernel/kthread.c:389) r10:00000000 r9:df819e58 r8:82f23740 r7:00000000 r6:803507dc r5:82e59800 r4:82ec6940 [<8026fa40>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf8e1fb0 to 0xdf8e1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026fa40 r4:82ec6940 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 2920 Comm: syslogd Not tainted 6.11.0-rc1-syzkaller #0 Hardware name: ARM-Versatile Express PC is at __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] PC is at _raw_spin_unlock_irqrestore+0x28/0x54 kernel/locking/spinlock.c:194 LR is at __debug_check_no_obj_freed lib/debugobjects.c:999 [inline] LR is at debug_check_no_obj_freed+0x184/0x2a0 lib/debugobjects.c:1020 pc : [<8197e614>] lr : [<80826fe4>] psr: 60000113 sp : ec325c60 ip : ec325c70 fp : ec325c6c r10: 00000000 r9 : 84d02200 r8 : 84d02400 r7 : 81453f84 r6 : 00000100 r5 : 00000000 r4 : 00000000 r3 : 0000005b r2 : 0000118b r1 : 00000113 r0 : 828d8324 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 84304000 DAC: 00000000 Call trace: [<8197e5ec>] (_raw_spin_unlock_irqrestore) from [<80826fe4>] (__debug_check_no_obj_freed lib/debugobjects.c:999 [inline]) [<8197e5ec>] (_raw_spin_unlock_irqrestore) from [<80826fe4>] (debug_check_no_obj_freed+0x184/0x2a0 lib/debugobjects.c:1020) [<80826e60>] (debug_check_no_obj_freed) from [<804bc47c>] (slab_free_hook mm/slub.c:2219 [inline]) [<80826e60>] (debug_check_no_obj_freed) from [<804bc47c>] (slab_free mm/slub.c:4473 [inline]) [<80826e60>] (debug_check_no_obj_freed) from [<804bc47c>] (kfree+0x198/0x338 mm/slub.c:4594) r10:00000000 r9:0000008d r8:84d02300 r7:81453f84 r6:82c02240 r5:ddea6448 r4:84d02200 [<804bc2e4>] (kfree) from [<81453f84>] (skb_kfree_head net/core/skbuff.c:1084 [inline]) [<804bc2e4>] (kfree) from [<81453f84>] (skb_free_head+0x48/0x90 net/core/skbuff.c:1096) r10:00000000 r9:0000008d r8:84d02300 r7:00000002 r6:83d3ce34 r5:83e75b40 r4:84d02200 [<81453f3c>] (skb_free_head) from [<81458bf8>] (skb_release_data+0x198/0x1b8 net/core/skbuff.c:1123) r5:83e75b40 r4:83e75b40 [<81458a60>] (skb_release_data) from [<8145ab74>] (skb_release_all net/core/skbuff.c:1188 [inline]) [<81458a60>] (skb_release_data) from [<8145ab74>] (__kfree_skb net/core/skbuff.c:1202 [inline]) [<81458a60>] (skb_release_data) from [<8145ab74>] (consume_skb net/core/skbuff.c:1426 [inline]) [<81458a60>] (skb_release_data) from [<8145ab74>] (consume_skb+0x4c/0x13c net/core/skbuff.c:1420) r9:0000008d r8:0000008d r7:8306a000 r6:83d3ce34 r5:8146103c r4:83e75b40 [<8145ab28>] (consume_skb) from [<8146103c>] (skb_free_datagram+0x14/0x18 net/core/datagram.c:323) r7:8306a000 r6:83d3ce34 r5:83d3cc00 r4:83e75b40 [<81461028>] (skb_free_datagram) from [<817053ec>] (__unix_dgram_recvmsg+0x2c4/0x4c8 net/unix/af_unix.c:2527) [<81705128>] (__unix_dgram_recvmsg) from [<81705634>] (unix_dgram_recvmsg+0x44/0x4c net/unix/af_unix.c:2544) r10:00000001 r9:00000000 r8:015511d0 r7:00000000 r6:8306a000 r5:ec325e68 r4:817055f0 [<817055f0>] (unix_dgram_recvmsg) from [<814469e8>] (sock_recvmsg_nosec net/socket.c:1046 [inline]) [<817055f0>] (unix_dgram_recvmsg) from [<814469e8>] (sock_recvmsg+0x50/0x78 net/socket.c:1068) r4:817055f0 [<81446998>] (sock_recvmsg) from [<81446ab4>] (sock_read_iter+0xa4/0xfc net/socket.c:1138) r7:8306a000 r6:82f54c00 r5:ec325f08 r4:ec325ef0 [<81446a10>] (sock_read_iter) from [<80500a24>] (new_sync_read fs/read_write.c:395 [inline]) [<81446a10>] (sock_read_iter) from [<80500a24>] (vfs_read+0x2f4/0x324 fs/read_write.c:476) r7:00000000 r6:83fa4800 r5:000000ff r4:82f54c00 [<80500730>] (vfs_read) from [<805014c4>] (ksys_read+0xc4/0xf8 fs/read_write.c:619) r10:00000003 r9:83fa4800 r8:8020029c r7:000000ff r6:015511d0 r5:82f54c00 r4:82f54c00 [<80501400>] (ksys_read) from [<80501508>] (__do_sys_read fs/read_write.c:629 [inline]) [<80501400>] (ksys_read) from [<80501508>] (sys_read+0x10/0x14 fs/read_write.c:627) r7:00000003 r6:015512d0 r5:76fdf5a0 r4:fffffc00 [<805014f8>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67) Exception stack(0xec325fa8 to 0xec325ff0) 5fa0: fffffc00 76fdf5a0 00000000 015511d0 000000ff 00000000 5fc0: fffffc00 76fdf5a0 015512d0 00000003 00000000 015511c8 76fa854c 76fa8548 5fe0: 76fa79f8 7e95bc70 76f1d2ec 76e2b2fc