INFO: task kworker/1:5:3883 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:5 state:D stack:0 pid:3883 tgid:3883 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfc71d94 r5:84074800 r4:84074800 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84074800 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfc71e20 r8:00000000 r7:ffffffff r6:00000000 r5:84df2c00 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84df2c00 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84074800 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f029000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfc73000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:84e75754 r4:84e75400 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:84e75754 r4:8457ce80 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84074800 r9:8457ceac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:8457ce80 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:df919e90 r8:8445b740 r7:8457ce80 r6:80267144 r5:84074800 r4:8445b880 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfc71fb0 to 0xdfc71ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:8445b880 INFO: task kworker/0:4:3893 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:4 state:D stack:0 pid:3893 tgid:3893 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16005 r9:00000000 r8:82714be8 r7:00000002 r6:dfc61d94 r5:84071800 r4:84071800 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84071800 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16005 r9:dfc61e20 r8:00000000 r7:ffffffff r6:00000000 r5:84707500 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84707500 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84071800 r8:00000080 r7:00000000 r6:82c16000 r5:00001000 r4:7f011000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:df959000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:84504f54 r4:84504c00 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:dddd00c0 r6:82c16000 r5:84504f54 r4:84c4c000 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84071800 r9:84c4c02c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0 r4:84c4c000 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:df9bde90 r8:84ce4bc0 r7:84c4c000 r6:80267144 r5:84071800 r4:84634e80 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfc61fb0 to 0xdfc61ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84634e80 INFO: task kworker/1:47:4257 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:47 state:D stack:0 pid:4257 tgid:4257 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfbd9d94 r5:84515400 r4:84515400 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84515400 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfbd9e20 r8:00000000 r7:ffffffff r6:00000000 r5:84c30700 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c30700 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84515400 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f02b000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfd43000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846b7f54 r4:846b7c00 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:846b7f54 r4:84e00c00 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84515400 r9:84e00c2c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:84e00c00 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfee9e90 r8:84c30a00 r7:84e00c00 r6:80267144 r5:84515400 r4:84e01500 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfbd9fb0 to 0xdfbd9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84e01500 INFO: task kworker/0:61:4263 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:61 state:D stack:0 pid:4263 tgid:4263 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16005 r9:00000000 r8:82714be8 r7:00000002 r6:dfc4dd94 r5:84ea1800 r4:84ea1800 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea1800 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16005 r9:dfc4de20 r8:00000000 r7:ffffffff r6:00000000 r5:84707740 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84707740 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea1800 r8:00000080 r7:00000000 r6:82c16000 r5:00001000 r4:7f03b000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfe39000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846a2b54 r4:846a2800 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:dddd00c0 r6:82c16000 r5:846a2b54 r4:84cd7600 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea1800 r9:84cd762c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0 r4:84cd7600 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfa05e90 r8:84c30d40 r7:84cd7600 r6:80267144 r5:84ea1800 r4:84c30c40 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfc4dfb0 to 0xdfc4dff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84c30c40 INFO: task kworker/1:49:4266 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:49 state:D stack:0 pid:4266 tgid:4266 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfcd1d94 r5:84ea2400 r4:84ea2400 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea2400 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfcd1e20 r8:00000000 r7:ffffffff r6:00000000 r5:844d7500 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:844d7500 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea2400 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f045000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfb31000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:84506f54 r4:84506c00 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:84506f54 r4:84e00b80 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea2400 r9:84e00bac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:84e00b80 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfbd9e90 r8:84c30340 r7:84e00b80 r6:80267144 r5:84ea2400 r4:84e01cc0 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfcd1fb0 to 0xdfcd1ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84e01cc0 INFO: task kworker/1:50:4272 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:50 state:D stack:0 pid:4272 tgid:4272 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfc59d94 r5:84ea3c00 r4:84ea3c00 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea3c00 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfc59e20 r8:00000000 r7:ffffffff r6:00000000 r5:846120c0 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:846120c0 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea3c00 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f031000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfd87000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846b5754 r4:846b5400 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:846b5754 r4:84e00d00 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea3c00 r9:84e00d2c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:84e00d00 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfbd9e90 r8:84c30580 r7:84e00d00 r6:80267144 r5:84ea3c00 r4:84612640 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfc59fb0 to 0xdfc59ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84612640 INFO: task kworker/0:62:4273 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:62 state:D stack:0 pid:4273 tgid:4273 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16005 r9:00000000 r8:82714be8 r7:00000002 r6:dfcbdd94 r5:84ea4800 r4:84ea4800 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea4800 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16005 r9:dfcbde20 r8:00000000 r7:ffffffff r6:00000000 r5:8414dd40 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8414dd40 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea4800 r8:00000080 r7:00000000 r6:82c16000 r5:00001000 r4:7f035000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfde7000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846a1354 r4:846a1000 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:dddd00c0 r6:82c16000 r5:846a1354 r4:84cd7680 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea4800 r9:84cd76ac r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0 r4:84cd7680 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfc4de90 r8:84c30540 r7:84cd7680 r6:80267144 r5:84ea4800 r4:84c303c0 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfcbdfb0 to 0xdfcbdff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84c303c0 INFO: task kworker/1:51:4278 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:51 state:D stack:0 pid:4278 tgid:4278 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfd41d94 r5:84ea5400 r4:84ea5400 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea5400 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfd41e20 r8:00000000 r7:ffffffff r6:00000000 r5:84707980 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84707980 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea5400 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f03d000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfe83000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:84504354 r4:84504000 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:84504354 r4:84e00f80 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea5400 r9:84e00fac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:84e00f80 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfcd1e90 r8:84612e00 r7:84e00f80 r6:80267144 r5:84ea5400 r4:84793100 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfd41fb0 to 0xdfd41ff8) 1fa0: 00000000 00000000 00000000 00000000 1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84793100 INFO: task kworker/1:52:4279 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:52 state:D stack:0 pid:4279 tgid:4279 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16205 r9:00000000 r8:82714be8 r7:00000002 r6:dfd85d94 r5:84ea6000 r4:84ea6000 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea6000 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16205 r9:dfd85e20 r8:00000000 r7:ffffffff r6:00000000 r5:84e10200 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e10200 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea6000 r8:00000180 r7:00000000 r6:82c16200 r5:00001000 r4:7f033000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfdb7000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846b4b54 r4:846b4800 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:ddde40c0 r6:82c16200 r5:846b4b54 r4:84e00880 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea6000 r9:84e008ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0 r4:84e00880 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfcd1e90 r8:84612400 r7:84e00880 r6:80267144 r5:84ea6000 r4:84793100 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfd85fb0 to 0xdfd85ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84793100 INFO: task kworker/0:63:4285 blocked for more than 430 seconds. Not tainted 6.9.0-rc4-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:63 state:D stack:0 pid:4285 tgid:4285 ppid:2 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<818c2fc8>] (__schedule) from [<818c3c04>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<818c2fc8>] (__schedule) from [<818c3c04>] (schedule+0x2c/0xfc kernel/sched/core.c:6838) r10:82c16005 r9:00000000 r8:82714be8 r7:00000002 r6:dfdb5d94 r5:84ea3000 r4:84ea3000 [<818c3bd8>] (schedule) from [<818c4214>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6895) r5:84ea3000 r4:82714be4 [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline]) [<818c41fc>] (schedule_preempt_disabled) from [<818c6af4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752) [<818c680c>] (__mutex_lock.constprop.0) from [<818c73c0>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040) r10:82c16005 r9:dfdb5e20 r8:00000000 r7:ffffffff r6:00000000 r5:84707640 r4:00000000 [<818c73ac>] (__mutex_lock_slowpath) from [<818c7400>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286) [<818c73c4>] (mutex_lock) from [<8049c618>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2804) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vm_reset_perms mm/vmalloc.c:3251 [inline]) [<8049c5b8>] (_vm_unmap_aliases) from [<804a04a8>] (vfree+0x170/0x1e4 mm/vmalloc.c:3330) r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84707640 r4:00000000 [<804a0338>] (vfree) from [<802ed950>] (module_memfree+0x30/0x50 kernel/module/main.c:1189) r9:84ea3000 r8:00000080 r7:00000000 r6:82c16000 r5:00001000 r4:7f037000 [<802ed920>] (module_memfree) from [<80391538>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1058) r5:00001000 r4:dfe0f000 [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_binary_free kernel/bpf/core.c:1104 [inline]) [<80391528>] (bpf_jit_free_exec) from [<803916f8>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1228) [<80391690>] (bpf_jit_free) from [<803927e0>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2783) r5:846a0754 r4:846a0400 [<80392694>] (bpf_prog_free_deferred) from [<8026660c>] (process_one_work+0x1b8/0x508 kernel/workqueue.c:3254) r7:dddd00c0 r6:82c16000 r5:846a0754 r4:84cb2000 [<80266454>] (process_one_work) from [<80267330>] (process_scheduled_works kernel/workqueue.c:3335 [inline]) [<80266454>] (process_one_work) from [<80267330>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3416) r10:84ea3000 r9:84cb202c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0 r4:84cb2000 [<80267144>] (worker_thread) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:dfc4de90 r8:84e10680 r7:84cb2000 r6:80267144 r5:84ea3000 r4:84e10600 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdfdb5fb0 to 0xdfdb5ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:84e10600 Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings NMI backtrace for cpu 0 CPU: 0 PID: 31 Comm: khungtaskd Not tainted 6.9.0-rc4-syzkaller #0 Hardware name: ARM-Versatile Express Call trace: [<818a18bc>] (dump_backtrace) from [<818a19b8>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:256) r7:00000000 r6:00000013 r5:60000093 r4:81fcea10 [<818a19a0>] (show_stack) from [<818bf0fc>] (__dump_stack lib/dump_stack.c:88 [inline]) [<818a19a0>] (show_stack) from [<818bf0fc>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114) [<818bf08c>] (dump_stack_lvl) from [<818bf120>] (dump_stack+0x18/0x1c lib/dump_stack.c:123) r5:00000000 r4:00000001 [<818bf108>] (dump_stack) from [<8188ec94>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<8188eb34>] (nmi_cpu_backtrace) from [<8188ede0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8260c590 r5:8261a88c r4:ffffffff [<8188ecb0>] (nmi_trigger_cpumask_backtrace) from [<802105b4>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851) r9:8260c6f4 r8:00007975 r7:8289ffe0 r6:00007d5b r5:85058e04 r4:85132c24 [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]) [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]) [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (watchdog+0x480/0x594 kernel/hung_task.c:380) [<8034e648>] (watchdog) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:df819e58 r8:82ebe2c0 r7:00000000 r6:8034e648 r5:82ee0c00 r4:82ebe1c0 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdf8ddfb0 to 0xdf8ddff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:82ebe1c0 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 3536 Comm: syz-executor.0 Not tainted 6.9.0-rc4-syzkaller #0 Hardware name: ARM-Versatile Express PC is at get_subtree_max_size mm/vmalloc.c:974 [inline] PC is at find_vmap_lowest_match mm/vmalloc.c:1500 [inline] PC is at __alloc_vmap_area mm/vmalloc.c:1771 [inline] PC is at alloc_vmap_area+0x4bc/0xd4c mm/vmalloc.c:1981 LR is at 0x83f10620 pc : [<8049cfe8>] lr : [<83f10620>] psr: a0000013 sp : df9c1c58 ip : 00002000 fp : df9c1cc4 r10: ff800000 r9 : df800000 r8 : 8260ca94 r7 : 00000000 r6 : ffffffff r5 : 00002000 r4 : 00002000 r3 : 83c703f0 r2 : eb1fb000 r1 : 83c61c60 r0 : e004b001 Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 847adb00 DAC: 00000000 Call trace: [<8049cb2c>] (alloc_vmap_area) from [<8049d930>] (__get_vm_area_node.constprop.0+0xb8/0x178 mm/vmalloc.c:3093) r10:851c9180 r9:df800000 r8:00000dc0 r7:ffffffff r6:00000001 r5:00000022 r4:00002000 [<8049d878>] (__get_vm_area_node.constprop.0) from [<804a05fc>] (__vmalloc_node_range+0x90/0x534 mm/vmalloc.c:3778) r10:00000001 r9:00000000 r8:ffffffff r7:ff800000 r6:00000dc0 r5:00000050 r4:81fe7028 [<804a056c>] (__vmalloc_node_range) from [<804a0d44>] (__vmalloc_node mm/vmalloc.c:3883 [inline]) [<804a056c>] (__vmalloc_node_range) from [<804a0d44>] (vzalloc+0x6c/0x74 mm/vmalloc.c:3956) r10:84d2f800 r9:7eb2cf00 r8:00000310 r7:7eb2cf58 r6:df9c1e70 r5:00000000 r4:00000000 [<804a0cd8>] (vzalloc) from [<81606db4>] (alloc_counters net/ipv4/netfilter/ip_tables.c:799 [inline]) [<804a0cd8>] (vzalloc) from [<81606db4>] (copy_entries_to_user net/ipv4/netfilter/ip_tables.c:821 [inline]) [<804a0cd8>] (vzalloc) from [<81606db4>] (get_entries net/ipv4/netfilter/ip_tables.c:1022 [inline]) [<804a0cd8>] (vzalloc) from [<81606db4>] (do_ipt_get_ctl+0x214/0x558 net/ipv4/netfilter/ip_tables.c:1668) r4:7eb2cf80 [<81606ba0>] (do_ipt_get_ctl) from [<814ddc70>] (nf_getsockopt+0x50/0x68 net/netfilter/nf_sockopt.c:116) r10:813a6844 r9:7eb2cf00 r8:83175900 r7:7eb2cf58 r6:8416b640 r5:00000041 r4:827d18ec [<814ddc20>] (nf_getsockopt) from [<81575b80>] (ip_getsockopt+0xe4/0x104 net/ipv4/ip_sockglue.c:1777) r7:7eb2cf00 r6:7eb2cf58 r5:8416b640 r4:00000041 [<81575a9c>] (ip_getsockopt) from [<81585c38>] (tcp_getsockopt+0x34/0x6c net/ipv4/tcp.c:4375) r7:00000041 r6:00000000 r5:00000000 r4:81575a9c [<81585c04>] (tcp_getsockopt) from [<813a686c>] (sock_common_getsockopt+0x28/0x30 net/core/sock.c:3700) r4:81585c04 [<813a6844>] (sock_common_getsockopt) from [<813a3948>] (do_sock_getsockopt+0x120/0x274 net/socket.c:2373) r4:00000000 [<813a3828>] (do_sock_getsockopt) from [<813a5664>] (__sys_getsockopt net/socket.c:2402 [inline]) [<813a3828>] (do_sock_getsockopt) from [<813a5664>] (__do_sys_getsockopt net/socket.c:2412 [inline]) [<813a3828>] (do_sock_getsockopt) from [<813a5664>] (sys_getsockopt+0x90/0xd4 net/socket.c:2409) r10:00000127 r9:8357c800 r8:83175900 r7:7eb2cf58 r6:00000041 r5:00000000 r4:00000000 [<813a55d4>] (sys_getsockopt) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xdf9c1fa8 to 0xdf9c1ff0) 1fa0: 7eb2cf00 7eb2cf04 00000003 00000000 00000041 7eb2cf58 1fc0: 7eb2cf00 7eb2cf04 00000000 00000127 00122078 00000003 7eb2cf00 7eb2cf00 1fe0: 00000000 7eb2ceb8 0011c000 000529f0 r8:80200288 r7:00000127 r6:00000000 r5:7eb2cf04 r4:7eb2cf00