batman_adv: batadv0: Interface activated: batadv_slave_1
IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
Bluetooth: hci5 command 0x0406 tx timeout
BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 273s!
Showing busy workqueues and worker pools:
workqueue events: flags=0x0
pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=17/256 refcnt=18
in-flight: 9071:rtc_timer_do_work
pending: defense_work_handler, macvlan_process_broadcast, defense_work_handler, cache_reap, defense_work_handler, macvlan_process_broadcast, hci_cmd_timeout, hci_cmd_timeout, hci_cmd_timeout, hci_cmd_timeout, hci_cmd_timeout, kernfs_notify_workfn, pcpu_balance_workfn, wait_rcu_exp_gp, macvlan_process_broadcast, switchdev_deferred_process_work
workqueue events_unbound: flags=0x2
pwq 4: cpus=0-1 flags=0x4 nice=0 active=4/512 refcnt=7
in-flight: 5:fsnotify_connector_destroy_workfn fsnotify_connector_destroy_workfn, 33:fsnotify_mark_destroy_workfn fsnotify_mark_destroy_workfn
workqueue events_freezable: flags=0x4
pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
pending: update_balloon_stats_func
workqueue events_power_efficient: flags=0x80
pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
pending: process_srcu, fb_flashcursor, neigh_periodic_work
workqueue mm_percpu_wq: flags=0x8
pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
pending: vmstat_update
workqueue ipv6_addrconf: flags=0x40008
pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=116
pending: addrconf_dad_work
delayed: addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work
, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work
, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work, addrconf_dad_work
workqueue bat_events: flags=0xe000a
pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/1 refcnt=7
pending: batadv_iv_send_outstanding_bat_ogm_packet
delayed: batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet, batadv_iv_send_outstanding_bat_ogm_packet
pool 2: cpus=1 node=0 flags=0x0 nice=0 hung=273s workers=5 idle: 3477 23 18 9203
pool 4: cpus=0-1 flags=0x4 nice=0 hung=0s workers=8 idle: 9447 2898 22 1134 9325 9475
INFO: task kworker/u4:0:5 blocked for more than 140 seconds.
Not tainted 4.14.213-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:0 D26816 5 2 0x80000000
Workqueue: events_unbound fsnotify_connector_destroy_workfn
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_timeout+0x80a/0xe90 kernel/time/timer.c:1724
do_wait_for_common kernel/sched/completion.c:91 [inline]
__wait_for_common kernel/sched/completion.c:112 [inline]
wait_for_common+0x272/0x430 kernel/sched/completion.c:123
__synchronize_srcu+0x10a/0x1d0 kernel/rcu/srcutree.c:898
fsnotify_connector_destroy_workfn+0x49/0xa0 fs/notify/mark.c:156
process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
INFO: task kworker/u4:2:33 blocked for more than 140 seconds.
Not tainted 4.14.213-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:2 D26512 33 2 0x80000000
Workqueue: events_unbound fsnotify_mark_destroy_workfn
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_timeout+0x80a/0xe90 kernel/time/timer.c:1724
do_wait_for_common kernel/sched/completion.c:91 [inline]
__wait_for_common kernel/sched/completion.c:112 [inline]
wait_for_common+0x272/0x430 kernel/sched/completion.c:123
__synchronize_srcu+0x10a/0x1d0 kernel/rcu/srcutree.c:898
fsnotify_mark_destroy_workfn+0xed/0x2e0 fs/notify/mark.c:757
process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
INFO: task syz-executor.4:8055 blocked for more than 140 seconds.
Not tainted 4.14.213-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4 D25728 8055 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
exp_funnel_lock kernel/rcu/tree_exp.h:295 [inline]
_synchronize_rcu_expedited+0x5f6/0x770 kernel/rcu/tree_exp.h:596
synchronize_rcu+0x98/0x130 kernel/rcu/tree_plugin.h:762
synchronize_net+0x3a/0x40 net/core/dev.c:8242
nf_register_net_hook+0x6a5/0xa40 net/netfilter/core.c:294
nf_register_net_hooks+0x47/0x96 net/netfilter/core.c:382
arpt_register_table+0x1d3/0x280 net/ipv4/netfilter/arp_tables.c:1568
arptable_filter_table_init net/ipv4/netfilter/arptable_filter.c:52 [inline]
arptable_filter_table_init+0x82/0xc0 net/ipv4/netfilter/arptable_filter.c:41
xt_find_table_lock+0x247/0x3d0 net/netfilter/x_tables.c:1110
get_info+0x10a/0x540 net/ipv4/netfilter/arp_tables.c:806
do_arpt_get_ctl+0x309/0x6d0 net/ipv4/netfilter/arp_tables.c:1485
nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
nf_getsockopt+0x62/0xc0 net/netfilter/nf_sockopt.c:122
ip_getsockopt net/ipv4/ip_sockglue.c:1566 [inline]
ip_getsockopt+0x105/0x150 net/ipv4/ip_sockglue.c:1551
tcp_getsockopt+0x7b/0xc0 net/ipv4/tcp.c:3257
SYSC_getsockopt net/socket.c:1896 [inline]
SyS_getsockopt+0x102/0x1c0 net/socket.c:1878
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x460d2a
RSP: 002b:00007ffc3c5100b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00000000004c419a RCX: 0000000000460d2a
RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007ffc3c5100cc R09: 0000000000000001
R10: 000000000074a448 R11: 0000000000000246 R12: 0000000000749dc8
R13: 0000000000000003 R14: 00007ffc3c510770 R15: 00007ffc3c510780
INFO: task syz-executor.5:8057 blocked for more than 140 seconds.
Not tainted 4.14.213-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5 D25768 8057 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
_synchronize_rcu_expedited+0x522/0x770 kernel/rcu/tree_exp.h:615
synchronize_rcu+0x98/0x130 kernel/rcu/tree_plugin.h:762
synchronize_net+0x3a/0x40 net/core/dev.c:8242
nf_register_net_hook+0x6a5/0xa40 net/netfilter/core.c:294
nf_register_net_hooks+0x47/0x96 net/netfilter/core.c:382
arpt_register_table+0x1d3/0x280 net/ipv4/netfilter/arp_tables.c:1568
arptable_filter_table_init net/ipv4/netfilter/arptable_filter.c:52 [inline]
arptable_filter_table_init+0x82/0xc0 net/ipv4/netfilter/arptable_filter.c:41
xt_find_table_lock+0x247/0x3d0 net/netfilter/x_tables.c:1110
get_info+0x10a/0x540 net/ipv4/netfilter/arp_tables.c:806
do_arpt_get_ctl+0x309/0x6d0 net/ipv4/netfilter/arp_tables.c:1485
nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
nf_getsockopt+0x62/0xc0 net/netfilter/nf_sockopt.c:122
ip_getsockopt net/ipv4/ip_sockglue.c:1566 [inline]
ip_getsockopt+0x105/0x150 net/ipv4/ip_sockglue.c:1551
tcp_getsockopt+0x7b/0xc0 net/ipv4/tcp.c:3257
SYSC_getsockopt net/socket.c:1896 [inline]
SyS_getsockopt+0x102/0x1c0 net/socket.c:1878
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x460d2a
RSP: 002b:00007ffd8a2fc9d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00000000004c419a RCX: 0000000000460d2a
RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007ffd8a2fc9ec R09: 0000000000000001
R10: 000000000074a448 R11: 0000000000000246 R12: 0000000000749dc8
R13: 0000000000000003 R14: 00007ffd8a2fd090 R15: 00007ffd8a2fd0a0
INFO: task syz-executor.2:8058 blocked for more than 140 seconds.
Not tainted 4.14.213-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D25632 8058 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
exp_funnel_lock kernel/rcu/tree_exp.h:305 [inline]
_synchronize_rcu_expedited+0x32d/0x770 kernel/rcu/tree_exp.h:596
synchronize_rcu+0x98/0x130 kernel/rcu/tree_plugin.h:762
synchronize_net+0x3a/0x40 net/core/dev.c:8242
nf_register_net_hook+0x6a5/0xa40 net/netfilter/core.c:294
nf_register_net_hooks+0x47/0x96 net/netfilter/core.c:382
arpt_register_table+0x1d3/0x280 net/ipv4/netfilter/arp_tables.c:1568
arptable_filter_table_init net/ipv4/netfilter/arptable_filter.c:52 [inline]
arptable_filter_table_init+0x82/0xc0 net/ipv4/netfilter/arptable_filter.c:41
xt_find_table_lock+0x247/0x3d0 net/netfilter/x_tables.c:1110
get_info+0x10a/0x540 net/ipv4/netfilter/arp_tables.c:806
do_arpt_get_ctl+0x309/0x6d0 net/ipv4/netfilter/arp_tables.c:1485
nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
nf_getsockopt+0x62/0xc0 net/netfilter/nf_sockopt.c:122
ip_getsockopt net/ipv4/ip_sockglue.c:1566 [inline]
ip_getsockopt+0x105/0x150 net/ipv4/ip_sockglue.c:1551
tcp_getsockopt+0x7b/0xc0 net/ipv4/tcp.c:3257
SYSC_getsockopt net/socket.c:1896 [inline]
SyS_getsockopt+0x102/0x1c0 net/socket.c:1878
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x460d2a
RSP: 002b:00007fff85642a78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00000000004c419a RCX: 0000000000460d2a
RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007fff85642a8c R09: 0000000000000001
R10: 000000000074a448 R11: 0000000000000246 R12: 0000000000749dc8
R13: 0000000000000003 R14: 00007fff85643130 R15: 00007fff85643140
Showing all locks held in the system:
2 locks held by kworker/u4:0/5:
#0: ("events_unbound"){+.+.}, at: [<ffffffff81373630>] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2087
#1: (connector_reaper_work){+.+.}, at: [<ffffffff81373666>] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2091
2 locks held by kworker/u4:2/33:
#0: ("events_unbound"){+.+.}, at: [<ffffffff81373630>] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2087
#1: ((reaper_work).work){+.+.}, at: [<ffffffff81373666>] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2091
1 lock held by khungtaskd/1526:
#0: (tasklist_lock){.+.+}, at: [<ffffffff81430dd4>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
1 lock held by syz-executor.5/8057:
#0: (rcu_preempt_state.exp_mutex){+.+.}, at: [<ffffffff8148c992>] exp_funnel_lock kernel/rcu/tree_exp.h:272 [inline]
#0: (rcu_preempt_state.exp_mutex){+.+.}, at: [<ffffffff8148c992>] _synchronize_rcu_expedited+0x2c2/0x770 kernel/rcu/tree_exp.h:596
1 lock held by syz-executor.2/8058:
#0: (rcu_preempt_state.exp_mutex){+.+.}, at: [<ffffffff8148c9fd>] exp_funnel_lock kernel/rcu/tree_exp.h:305 [inline]
#0: (rcu_preempt_state.exp_mutex){+.+.}, at: [<ffffffff8148c9fd>] _synchronize_rcu_expedited+0x32d/0x770 kernel/rcu/tree_exp.h:596
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 1526 Comm: khungtaskd Not tainted 4.14.213-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x283 lib/dump_stack.c:58
nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x13a/0x17f lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
watchdog+0x5b9/0xb40 kernel/hung_task.c:274
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 9071 Comm: kworker/1:3 Not tainted 4.14.213-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events rtc_timer_do_work
task: ffff888092508340 task.stack: ffff888092920000
RIP: 0010:debug_lockdep_rcu_enabled+0x2f/0xe0 kernel/rcu/update.c:299
RSP: 0018:ffff888092927b28 EFLAGS: 00000046
RAX: 0000000000000007 RBX: ffff888092508340 RCX: 1ffffffff1411600
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888092508bc4
RBP: ffff8880a8db29b8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000001
FS: 0000000000000000(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff8cb1e4000 CR3: 00000000abcf4000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
trace_lock_acquire include/trace/events/lock.h:13 [inline]
lock_acquire+0x307/0x3f0 kernel/locking/lockdep.c:3997
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160
rtc_handle_legacy_irq+0x82/0x180 drivers/rtc/interface.c:518
rtc_timer_do_work+0x1f7/0x5a0 drivers/rtc/interface.c:881
process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code: b0 08 8a 53 48 ba 00 00 00 00 00 fc ff df 48 89 c1 83 e0 07 48 c1 e9 03 83 c0 03 0f b6 14 11 38 d0 7c 08 84 d2 0f 85 87 00 00 00 <8b> 35 8f cb c0 08 85 f6 74 79 48 c7 c0 20 fb 3c 89 48 ba 00 00