INFO: task kworker/u4:2:38 blocked for more than 143 seconds. Not tainted 6.4.0-rc3-syzkaller-00032-g933174ae28ba-dirty #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:2 state:D stack:23832 pid:38 ppid:2 flags:0x00004000 Workqueue: events_unbound fsnotify_connector_destroy_workfn Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_timeout+0x276/0x2b0 kernel/time/timer.c:2143 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common+0x1ce/0x5c0 kernel/sched/completion.c:106 __synchronize_srcu+0x1be/0x2c0 kernel/rcu/srcutree.c:1360 fsnotify_connector_destroy_workfn+0x97/0x100 fs/notify/mark.c:209 process_one_work+0x99a/0x15e0 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0x881/0x10c0 kernel/workqueue.c:2554 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 Showing all threads with locks held in the system: task:kworker/u4:1 state:D stack:24640 pid:12 ppid:2 flags:0x00004000 Workqueue: events_unbound fsnotify_mark_destroy_workfn Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_timeout+0x276/0x2b0 kernel/time/timer.c:2143 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common+0x1ce/0x5c0 kernel/sched/completion.c:106 __synchronize_srcu+0x1be/0x2c0 kernel/rcu/srcutree.c:1360 fsnotify_mark_destroy_workfn+0x14b/0x420 fs/notify/mark.c:901 process_one_work+0x99a/0x15e0 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0x881/0x10c0 kernel/workqueue.c:2554 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 2 locks held by kworker/u4:1/12: #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1324 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:643 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:670 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0 kernel/workqueue.c:2376 #1: ffffc90000117db0 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0 kernel/workqueue.c:2380 task:rcu_tasks_kthre state:I stack:29024 pid:13 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 rcu_tasks_one_gp+0x489/0xd80 kernel/rcu/tasks.h:525 rcu_tasks_kthread+0x84/0xb0 kernel/rcu/tasks.h:563 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 1 lock held by rcu_tasks_kthre/13: #0: ffffffff8c7984f0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 kernel/rcu/tasks.h:518 task:rcu_tasks_trace state:I stack:29128 pid:14 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 rcu_tasks_one_gp+0x489/0xd80 kernel/rcu/tasks.h:525 rcu_tasks_kthread+0x84/0xb0 kernel/rcu/tasks.h:563 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 1 lock held by rcu_tasks_trace/14: #0: ffffffff8c7981f0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xd80 kernel/rcu/tasks.h:518 task:khugepaged state:D stack:28376 pid:34 ppid:2 flags:0x00004000 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_timeout+0x276/0x2b0 kernel/time/timer.c:2143 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common+0x1ce/0x5c0 kernel/sched/completion.c:106 __flush_work+0x595/0xb60 kernel/workqueue.c:3189 __lru_add_drain_all+0x1bf/0x6a0 mm/swap.c:897 khugepaged_do_scan mm/khugepaged.c:2599 [inline] khugepaged+0x105/0x1740 mm/khugepaged.c:2668 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 1 lock held by khugepaged/34: #0: ffffffff8c89a5c8 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x62/0x6a0 mm/swap.c:852 task:kworker/u4:2 state:D stack:23832 pid:38 ppid:2 flags:0x00004000 Workqueue: events_unbound fsnotify_connector_destroy_workfn Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_timeout+0x276/0x2b0 kernel/time/timer.c:2143 do_wait_for_common kernel/sched/completion.c:85 [inline] __wait_for_common+0x1ce/0x5c0 kernel/sched/completion.c:106 __synchronize_srcu+0x1be/0x2c0 kernel/rcu/srcutree.c:1360 fsnotify_connector_destroy_workfn+0x97/0x100 fs/notify/mark.c:209 process_one_work+0x99a/0x15e0 kernel/workqueue.c:2405 process_scheduled_works kernel/workqueue.c:2468 [inline] worker_thread+0x881/0x10c0 kernel/workqueue.c:2554 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 2 locks held by kworker/u4:2/38: #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1324 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:643 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:670 [inline] #0: ffff888012479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x883/0x15e0 kernel/workqueue.c:2376 #1: ffffc90000af7db0 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x15e0 kernel/workqueue.c:2380 task:kworker/u4:3 state:R running task stack:23328 pid:46 ppid:2 flags:0x00004000 Workqueue: bat_events batadv_nc_worker Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 worker_thread+0x160/0x10c0 kernel/workqueue.c:2573 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 no locks held by kworker/u4:3/46. task:kworker/u4:4 state:R running task stack:26144 pid:56 ppid:2 flags:0x00004000 Workqueue: 0x0 (wg-kex-wg2) Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 worker_thread+0x160/0x10c0 kernel/workqueue.c:2573 kthread+0x344/0x440 kernel/kthread.c:379 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 no locks held by kworker/u4:4/56. task:getty state:S stack:23320 pid:4760 ppid:1 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_timeout+0x276/0x2b0 kernel/time/timer.c:2143 wait_woken+0x197/0x200 kernel/sched/wait.c:463 n_tty_read+0x1055/0x13e0 drivers/tty/n_tty.c:2242 iterate_tty_read drivers/tty/tty_io.c:852 [inline] tty_read+0x30e/0x610 drivers/tty/tty_io.c:927 call_read_iter include/linux/fs.h:1862 [inline] new_sync_read fs/read_write.c:389 [inline] vfs_read+0x4b1/0x8a0 fs/read_write.c:470 ksys_read+0x12b/0x250 fs/read_write.c:613 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7fb684cb5b6a RSP: 002b:00007ffd624422f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000558b2098a910 RCX: 00007fb684cb5b6a RDX: 0000000000000001 RSI: 00007ffd62442310 RDI: 0000000000000000 RBP: 0000558b2098a970 R08: 0000000000000000 R09: 43ac5665d88e4a10 R10: 0000000000000010 R11: 0000000000000246 R12: 0000558b2098a9ac R13: 00007ffd62442310 R14: 0000000000000000 R15: 0000558b2098a9ac 2 locks held by getty/4760: #0: ffff88802c2aa098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 drivers/tty/tty_ldisc.c:243 #1: ffffc900015b02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 drivers/tty/n_tty.c:2176 task:kworker/1:4 state:R running task stack:26712 pid:5018 ppid:2 flags:0x00004000 Workqueue: events prog_array_map_clear_deferred Call Trace: 2 locks held by kworker/1:4/5018: task:kworker/0:5 state:R running task stack:27192 pid:5019 ppid:2 flags:0x00004008 Workqueue: events prog_array_map_clear_deferred Call Trace: 2 locks held by kworker/0:5/5019: task:dhcpcd state:D stack:27528 pid:5164 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 packet_release+0xa7d/0xd10 net/packet/af_packet.c:3167 __sock_release+0xcd/0x290 net/socket.c:653 sock_close+0x1c/0x20 net/socket.c:1397 __fput+0x27c/0xa90 fs/file_table.c:321 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720dfb0a8 RSP: 002b:00007ffe5b6f0ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 00007ffe5b700f58 RCX: 00007f1720dfb0a8 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 000055f1f019f090 R08: 0000000000000012 R09: 0000000000000000 R10: 00007ffe5b7011a0 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000142c R14: 000000000000123e R15: 0000000000000000 1 lock held by dhcpcd/5164: #0: ffff888078242610 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline] #0: ffff888078242610 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x290 net/socket.c:652 task:dhcpcd state:D stack:27624 pid:5204 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 packet_release+0xa7d/0xd10 net/packet/af_packet.c:3167 __sock_release+0xcd/0x290 net/socket.c:653 sock_close+0x1c/0x20 net/socket.c:1397 __fput+0x27c/0xa90 fs/file_table.c:321 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720dfb0a8 RSP: 002b:00007ffe5b6f0ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 00007ffe5b700f58 RCX: 00007f1720dfb0a8 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 000055f1f019f8e0 R08: 0000000000000018 R09: 0000000000000000 R10: 00007ffe5b7011a0 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000001454 R14: 000000000000123e R15: 0000000000000000 1 lock held by dhcpcd/5204: #0: ffff8880782d2010 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline] #0: ffff8880782d2010 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x290 net/socket.c:652 task:dhcpcd state:D stack:27624 pid:5207 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 packet_release+0xa7d/0xd10 net/packet/af_packet.c:3167 __sock_release+0xcd/0x290 net/socket.c:653 sock_close+0x1c/0x20 net/socket.c:1397 __fput+0x27c/0xa90 fs/file_table.c:321 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720dfb0a8 RSP: 002b:00007ffe5b6f0ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 00007ffe5b700f58 RCX: 00007f1720dfb0a8 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 000055f1f019f5e0 R08: 000000000000001a R09: 0000000000000000 R10: 00007ffe5b7011a0 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000001457 R14: 000000000000123e R15: 0000000000000000 1 lock held by dhcpcd/5207: #0: ffff8880782d5c10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline] #0: ffff8880782d5c10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x290 net/socket.c:652 task:dhcpcd state:D stack:27624 pid:5212 ppid:4670 flags:0x00004002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 synchronize_rcu_expedited+0x5d4/0x770 kernel/rcu/tree_exp.h:1007 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 packet_release+0xa7d/0xd10 net/packet/af_packet.c:3167 __sock_release+0xcd/0x290 net/socket.c:653 sock_close+0x1c/0x20 net/socket.c:1397 __fput+0x27c/0xa90 fs/file_table.c:321 task_work_run+0x16f/0x270 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop kernel/entry/common.c:171 [inline] exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720dfb0a8 RSP: 002b:00007ffe5b6f0ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 00007ffe5b700f58 RCX: 00007f1720dfb0a8 RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005 RBP: 000055f1f019fee0 R08: 000000000000001c R09: 0000000000000000 R10: 00007ffe5b7011a0 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000145c R14: 000000000000123e R15: 0000000000000000 2 locks held by dhcpcd/5212: #0: ffff88807820be10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:775 [inline] #0: ffff88807820be10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x290 net/socket.c:652 #1: ffffffff8c7a4578 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:325 [inline] #1: ffffffff8c7a4578 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3e8/0x770 kernel/rcu/tree_exp.h:992 task:syz-executor.4 state:D stack:23848 pid:5371 ppid:5360 flags:0x00004006 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6804 __mutex_lock_common kernel/locking/mutex.c:679 [inline] __mutex_lock+0xa3b/0x1350 kernel/locking/mutex.c:747 exp_funnel_lock kernel/rcu/tree_exp.h:325 [inline] synchronize_rcu_expedited+0x3e8/0x770 kernel/rcu/tree_exp.h:992 namespace_unlock+0x1af/0x410 fs/namespace.c:1499 drop_collected_mounts fs/namespace.c:1986 [inline] put_mnt_ns fs/namespace.c:4448 [inline] put_mnt_ns+0x10a/0x150 fs/namespace.c:4444 free_nsproxy+0x47/0x4d0 kernel/nsproxy.c:193 put_nsproxy include/linux/nsproxy.h:106 [inline] switch_task_namespaces+0xb1/0xd0 kernel/nsproxy.c:251 do_exit+0xace/0x2960 kernel/exit.c:870 do_group_exit+0xd4/0x2a0 kernel/exit.c:1021 get_signal+0x2315/0x25b0 kernel/signal.c:2874 arch_do_signal_or_restart+0x79/0x5c0 arch/x86/kernel/signal.c:306 exit_to_user_mode_loop kernel/entry/common.c:168 [inline] exit_to_user_mode_prepare+0x11f/0x240 kernel/entry/common.c:204 __syscall_exit_to_user_mode_work kernel/entry/common.c:286 [inline] syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:297 do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f11d5cb0e91 RSP: 002b:00007ffcc0f9abf0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 RAX: 0000000000000000 RBX: 0000000000000667 RCX: 00007f11d5cb0e91 RDX: 00007ffcc0f9ac30 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00007ffcc0f9acbc R08: 0000000000000000 R09: 00007ffcc0fc7080 R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 R13: 0000000000042567 R14: 0000000000000000 R15: 00007ffcc0f9ad20 1 lock held by syz-executor.4/5371: #0: ffffffff8c7a4578 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:325 [inline] #0: ffffffff8c7a4578 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3e8/0x770 kernel/rcu/tree_exp.h:992 task:kworker/1:5 state:R running task stack:26336 pid:5435 ppid:2 flags:0x00004008 Workqueue: events prog_array_map_clear_deferred Call Trace: 3 locks held by kworker/1:5/5435: task:kworker/0:8 state:R running task stack:26184 pid:5617 ppid:2 flags:0x00004000 Workqueue: events prog_array_map_clear_deferred Call Trace: 3 locks held by kworker/0:8/5617: task:dhcpcd state:D stack:29024 pid:14672 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 __unregister_prot_hook+0x4b3/0x5c0 net/packet/af_packet.c:380 packet_do_bind+0x93f/0xe30 net/packet/af_packet.c:3235 packet_bind+0x15f/0x1c0 net/packet/af_packet.c:3319 __sys_bind+0x1ed/0x260 net/socket.c:1803 __do_sys_bind net/socket.c:1814 [inline] __se_sys_bind net/socket.c:1812 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1812 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720e08677 RSP: 002b:00007ffe5b6e0a08 EFLAGS: 00000217 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 000055f1eeec1ca3 RCX: 00007f1720e08677 RDX: 0000000000000014 RSI: 00007ffe5b6e0a18 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000055f1f01a0590 R09: 0000000000200000 R10: 000000000000006d R11: 0000000000000217 R12: 000055f1f019c160 R13: 000055f1f019f0f8 R14: 00007ffe5b7012fc R15: 000055f1f019f0c4 1 lock held by dhcpcd/14672: #0: ffff88802abd4130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1697 [inline] #0: ffff88802abd4130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2f/0xe30 net/packet/af_packet.c:3202 task:dhcpcd state:D stack:29024 pid:14707 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 __unregister_prot_hook+0x4b3/0x5c0 net/packet/af_packet.c:380 packet_do_bind+0x93f/0xe30 net/packet/af_packet.c:3235 packet_bind+0x15f/0x1c0 net/packet/af_packet.c:3319 __sys_bind+0x1ed/0x260 net/socket.c:1803 __do_sys_bind net/socket.c:1814 [inline] __se_sys_bind net/socket.c:1812 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1812 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720e08677 RSP: 002b:00007ffe5b6e0a08 EFLAGS: 00000217 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 000055f1eeec1ca3 RCX: 00007f1720e08677 RDX: 0000000000000014 RSI: 00007ffe5b6e0a18 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000055f1f01a0590 R09: 0000000000200000 R10: 000000000000006d R11: 0000000000000217 R12: 000055f1f019c160 R13: 000055f1f0199ce8 R14: 00007ffe5b7012fc R15: 000055f1f0199cb4 1 lock held by dhcpcd/14707: #0: ffff8880b2a62130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1697 [inline] #0: ffff8880b2a62130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2f/0xe30 net/packet/af_packet.c:3202 task:dhcpcd state:D stack:29024 pid:14709 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 __unregister_prot_hook+0x4b3/0x5c0 net/packet/af_packet.c:380 packet_do_bind+0x93f/0xe30 net/packet/af_packet.c:3235 packet_bind+0x15f/0x1c0 net/packet/af_packet.c:3319 __sys_bind+0x1ed/0x260 net/socket.c:1803 __do_sys_bind net/socket.c:1814 [inline] __se_sys_bind net/socket.c:1812 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1812 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720e08677 RSP: 002b:00007ffe5b6e0a08 EFLAGS: 00000217 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 000055f1eeec1ca3 RCX: 00007f1720e08677 RDX: 0000000000000014 RSI: 00007ffe5b6e0a18 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000055f1f01a0590 R09: 0000000000200000 R10: 000000000000006d R11: 0000000000000217 R12: 000055f1f019c160 R13: 000055f1f0199e68 R14: 00007ffe5b7012fc R15: 000055f1f0199e34 1 lock held by dhcpcd/14709: #0: ffff888024600130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1697 [inline] #0: ffff888024600130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2f/0xe30 net/packet/af_packet.c:3202 task:dhcpcd state:D stack:29024 pid:14744 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 __unregister_prot_hook+0x4b3/0x5c0 net/packet/af_packet.c:380 packet_do_bind+0x93f/0xe30 net/packet/af_packet.c:3235 packet_bind+0x15f/0x1c0 net/packet/af_packet.c:3319 __sys_bind+0x1ed/0x260 net/socket.c:1803 __do_sys_bind net/socket.c:1814 [inline] __se_sys_bind net/socket.c:1812 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1812 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720e08677 RSP: 002b:00007ffe5b6e0a08 EFLAGS: 00000217 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 000055f1eeec1ca3 RCX: 00007f1720e08677 RDX: 0000000000000014 RSI: 00007ffe5b6e0a18 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000055f1f01a0710 R09: 0000000000200000 R10: 000000000000006d R11: 0000000000000217 R12: 000055f1f019c160 R13: 000055f1f01a05f8 R14: 00007ffe5b7012fc R15: 000055f1f01a05c4 1 lock held by dhcpcd/14744: #0: ffff88802b64e130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1697 [inline] #0: ffff88802b64e130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2f/0xe30 net/packet/af_packet.c:3202 task:dhcpcd state:D stack:29024 pid:14766 ppid:4670 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5343 [inline] __schedule+0xc9a/0x5880 kernel/sched/core.c:6669 schedule+0xde/0x1a0 kernel/sched/core.c:6745 exp_funnel_lock kernel/rcu/tree_exp.h:316 [inline] synchronize_rcu_expedited+0x6f8/0x770 kernel/rcu/tree_exp.h:992 synchronize_rcu+0x2f1/0x3a0 kernel/rcu/tree.c:3499 synchronize_net+0x4e/0x60 net/core/dev.c:10791 __unregister_prot_hook+0x4b3/0x5c0 net/packet/af_packet.c:380 packet_do_bind+0x93f/0xe30 net/packet/af_packet.c:3235 packet_bind+0x15f/0x1c0 net/packet/af_packet.c:3319 __sys_bind+0x1ed/0x260 net/socket.c:1803 __do_sys_bind net/socket.c:1814 [inline] __se_sys_bind net/socket.c:1812 [inline] __x64_sys_bind+0x73/0xb0 net/socket.c:1812 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f1720e08677 RSP: 002b:00007ffe5b6e0a08 EFLAGS: 00000217 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 000055f1eeec1ca3 RCX: 00007f1720e08677 RDX: 0000000000000014 RSI: 00007ffe5b6e0a18 RDI: 0000000000000005 RBP: 0000000000000000 R08: 000055f1f01a0890 R09: 0000000000200000