INFO: task kworker/1:7:6329 blocked for more than 430 seconds. Tainted: G L syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:7 state:D stack:0 pid:6329 tgid:6329 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81aa9ef4>] (__schedule) from [<81aab184>] (__schedule_loop kernel/sched/core.c:6949 [inline]) [<81aa9ef4>] (__schedule) from [<81aab184>] (schedule+0x2c/0x134 kernel/sched/core.c:6964) r10:ea599d84 r9:00000000 r8:60000013 r7:ea599d8c r6:829174e8 r5:85a85400 r4:85a85400 [<81aab158>] (schedule) from [<81aab310>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:7021) r5:85a85400 r4:829174e4 [<81aab2f8>] (schedule_preempt_disabled) from [<81aae8d8>] (__mutex_lock_common kernel/locking/mutex.c:692 [inline]) [<81aab2f8>] (schedule_preempt_disabled) from [<81aae8d8>] (__mutex_lock.constprop.0+0x584/0xf10 kernel/locking/mutex.c:776) [<81aae354>] (__mutex_lock.constprop.0) from [<81aaf338>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1065) r10:8280c7e4 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea599e08 r4:00000000 [<81aaf324>] (__mutex_lock_slowpath) from [<81aaf378>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:290) [<81aaf33c>] (mutex_lock) from [<804f10b8>] (_vm_unmap_aliases+0x5c/0x238 mm/vmalloc.c:2944) [<804f105c>] (_vm_unmap_aliases) from [<804f4d9c>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f105c>] (_vm_unmap_aliases) from [<804f4d9c>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83018605 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:86e3e0c0 r4:00000000 [<804f4c30>] (vfree) from [<805608d4>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83016170 r8:85a85400 r7:00000000 r6:83018600 r5:00001000 r4:7f061000 [<805608a4>] (execmem_free) from [<803ca9f4>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea483000 [<803ca9e4>] (bpf_jit_free_exec) from [<803cadd4>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803ca9e4>] (bpf_jit_free_exec) from [<803cadd4>] (bpf_jit_free+0x64/0xe0 kernel/bpf/core.c:1237) [<803cad70>] (bpf_jit_free) from [<803cbcf4>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85ee8794 r4:8583ef80 [<803cbbb4>] (bpf_prog_free_deferred) from [<80276cec>] (process_one_work+0x1b8/0x4f8 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85ee8794 r4:8583ef80 [<80276b34>] (process_one_work) from [<8027796c>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80276b34>] (process_one_work) from [<8027796c>] (worker_thread+0x1c4/0x394 kernel/workqueue.c:3421) r10:61c88647 r9:85a85400 r8:82804d80 r7:8583efac r6:ddde3b40 r5:ddde3b60 r4:8583ef80 [<802777a8>] (worker_thread) from [<8027facc>] (kthread+0x128/0x27c kernel/kthread.c:463) r10:00000000 r9:8583ef80 r8:802777a8 r7:e427de68 r6:8583e300 r5:85a85400 r4:00000001 [<8027f9a4>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xea599fb0 to 0xea599ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f9a4 r4:85e33a40 INFO: task kworker/1:7:6329 is blocked on a mutex likely owned by task kworker/1:2:16378. task:kworker/1:2 state:R running task stack:0 pid:16378 tgid:16378 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: events bpf_prog_free_deferred Call trace: [<81aa9ef4>] (__schedule) from [<81aab5bc>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7194) r10:8280c838 r9:863ed400 r8:80200c04 r7:dfb85d5c r6:ffffffff r5:863ed400 r4:00000000 [<81aab57c>] (preempt_schedule_irq) from [<80200c24>] (svc_preempt+0x8/0x18) Exception stack(0xdfb85d28 to 0xdfb85d70) 5d20: b5a56000 eab4b000 00000001 802394d0 82ace620 82acf264 5d40: 7f07b000 eab4b000 00000000 00000001 8280c838 dfb85d9c eab4b000 dfb85d78 5d60: 8023043c 802394e8 80000113 ffffffff r5:80000113 r4:802394e8 [<802303dc>] (flush_tlb_kernel_range) from [<804f0e6c>] (__purge_vmap_area_lazy+0x260/0x450 mm/vmalloc.c:2369) [<804f0c0c>] (__purge_vmap_area_lazy) from [<804f1244>] (_vm_unmap_aliases+0x1e8/0x238 mm/vmalloc.c:2983) r10:00000000 r9:dfb85dc0 r8:00000000 r7:ffffffff r6:00000008 r5:dfb85e08 r4:dfb85dc0 [<804f105c>] (_vm_unmap_aliases) from [<804f4d9c>] (vm_reset_perms mm/vmalloc.c:3375 [inline]) [<804f105c>] (_vm_unmap_aliases) from [<804f4d9c>] (vfree+0x16c/0x210 mm/vmalloc.c:3454) r10:83018605 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:861053c0 r4:00000000 [<804f4c30>] (vfree) from [<805608d4>] (execmem_free+0x30/0x50 mm/execmem.c:503) r9:83016170 r8:863ed400 r7:00000000 r6:83018600 r5:00001000 r4:7f063000 [<805608a4>] (execmem_free) from [<803ca9f4>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1068) r5:00001000 r4:ea488000 [<803ca9e4>] (bpf_jit_free_exec) from [<803cadd4>] (bpf_jit_binary_free kernel/bpf/core.c:1114 [inline]) [<803ca9e4>] (bpf_jit_free_exec) from [<803cadd4>] (bpf_jit_free+0x64/0xe0 kernel/bpf/core.c:1237) [<803cad70>] (bpf_jit_free) from [<803cbcf4>] (bpf_prog_free_deferred+0x140/0x158 kernel/bpf/core.c:2935) r5:85eeb394 r4:871f4580 [<803cbbb4>] (bpf_prog_free_deferred) from [<80276cec>] (process_one_work+0x1b8/0x4f8 kernel/workqueue.c:3257) r7:ddde3b40 r6:83018600 r5:85eeb394 r4:871f4580 [<80276b34>] (process_one_work) from [<8027796c>] (process_scheduled_works kernel/workqueue.c:3340 [inline]) [<80276b34>] (process_one_work) from [<8027796c>] (worker_thread+0x1c4/0x394 kernel/workqueue.c:3421) r10:61c88647 r9:863ed400 r8:82804d80 r7:871f45ac r6:ddde3b40 r5:ddde3b60 r4:871f4580 [<802777a8>] (worker_thread) from [<8027facc>] (kthread+0x128/0x27c kernel/kthread.c:463) r10:00000000 r9:871f4580 r8:802777a8 r7:ea6dde68 r6:871f4800 r5:863ed400 r4:00000001 [<8027f9a4>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdfb85fb0 to 0xdfb85ff8) 5fa0: 00000000 00000000 00000000 00000000 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f9a4 r4:8736cf80 NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT Tainted: [L]=SOFTLOCKUP Hardware name: ARM-Versatile Express Call trace: [<80201a40>] (dump_backtrace) from [<80201b34>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257) r7:60000193 r6:60000193 r5:822a2700 r4:00000000 [<80201b1c>] (show_stack) from [<8021ed9c>] (__dump_stack lib/dump_stack.c:94 [inline]) [<80201b1c>] (show_stack) from [<8021ed9c>] (dump_stack_lvl+0x5c/0x70 lib/dump_stack.c:120) [<8021ed40>] (dump_stack_lvl) from [<8021edc8>] (dump_stack+0x18/0x1c lib/dump_stack.c:129) r7:00000000 r6:00000113 r5:00000001 r4:00000001 [<8021edb0>] (dump_stack) from [<81a93b34>] (nmi_cpu_backtrace+0x150/0x170 lib/nmi_backtrace.c:113) [<81a939e4>] (nmi_cpu_backtrace) from [<81a93c84>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000001 r6:8280c510 r5:8281ad9c r4:ffffffff [<81a93b54>] (nmi_trigger_cpumask_backtrace) from [<8022fe60>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852) r9:82ac382c r8:8280c690 r7:82804d80 r6:85a81a04 r5:00007ec4 r4:00000048 [<8022fe48>] (arch_trigger_cpumask_backtrace) from [<81a9b768>] (trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]) [<8022fe48>] (arch_trigger_cpumask_backtrace) from [<81a9b768>] (__sys_info lib/sys_info.c:157 [inline]) [<8022fe48>] (arch_trigger_cpumask_backtrace) from [<81a9b768>] (sys_info+0x68/0xa8 lib/sys_info.c:165) [<81a9b700>] (sys_info) from [<80383044>] (check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]) [<81a9b700>] (sys_info) from [<80383044>] (watchdog+0x458/0x888 kernel/hung_task.c:515) r5:00007ec4 r4:8394e90c [<80382bec>] (watchdog) from [<8027facc>] (kthread+0x128/0x27c kernel/kthread.c:463) r10:00000000 r9:00000000 r8:80382bec r7:832a3880 r6:832a3880 r5:832e3000 r4:00000001 [<8027f9a4>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137) Exception stack(0xdf8d9fb0 to 0xdf8d9ff8) 9fa0: 00000000 00000000 00000000 00000000 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8027f9a4 r4:833d6780 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 19377 Comm: syz.4.2191 Tainted: G L syzkaller #0 PREEMPT Tainted: [L]=SOFTLOCKUP Hardware name: ARM-Versatile Express PC is at __skb_try_recv_datagram+0x0/0x1a0 net/core/datagram.c:246 LR is at __unix_dgram_recvmsg+0x104/0x3bc net/unix/af_unix.c:2576 pc : [<815ac574>] lr : [<81877414>] psr: 20000113 sp : dfa4dca0 ip : dfa4dca0 fp : dfa4dd1c r10: 00000002 r9 : 84695a88 r8 : dfa4dccc r7 : 00000002 r6 : 84695c54 r5 : 84695a00 r4 : ffffffa1 r3 : dfa4dcc8 r2 : 00000002 r1 : 84695a88 r0 : 84695a00 Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user Control: 30c5387d Table: 870c5900 DAC: fffffffd Call trace: [<81877310>] (__unix_dgram_recvmsg) from [<81877710>] (unix_dgram_recvmsg+0x44/0x4c net/unix/af_unix.c:2675) r10:dfa4dd4c r9:00000002 r8:00000000 r7:818776cc r6:855d8500 r5:209e4c00 r4:dfa4dee0 [<818776cc>] (unix_dgram_recvmsg) from [<8158e484>] (sock_recvmsg_nosec net/socket.c:1078 [inline]) [<818776cc>] (unix_dgram_recvmsg) from [<8158e484>] (____sys_recvmsg+0x160/0x184 net/socket.c:2810) r4:dfa4dee0 [<8158e324>] (____sys_recvmsg) from [<8158f8e4>] (___sys_recvmsg+0x88/0xbc net/socket.c:2854) r10:080002c1 r9:838ec800 r8:855d8500 r7:00000002 r6:209e4c00 r5:dfa4dee0 r4:00000000 [<8158f85c>] (___sys_recvmsg) from [<8158fa38>] (do_recvmmsg+0x120/0x2f4 net/socket.c:2949) r8:00000000 r7:00000002 r6:0004f25e r5:209e4c00 r4:dfa4dec0 [<8158f918>] (do_recvmmsg) from [<81591ef8>] (__sys_recvmmsg net/socket.c:3023 [inline]) [<8158f918>] (do_recvmmsg) from [<81591ef8>] (__do_sys_recvmmsg_time32 net/socket.c:3057 [inline]) [<8158f918>] (do_recvmmsg) from [<81591ef8>] (sys_recvmmsg_time32+0xc4/0xd8 net/socket.c:3050) r10:0000016d r9:838ec800 r8:080002c1 r7:00000002 r6:00000000 r5:20000040 r4:00000006 [<81591e34>] (sys_recvmmsg_time32) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67) Exception stack(0xdfa4dfa8 to 0xdfa4dff0) dfa0: 00000000 00000000 00000006 20000040 080002c1 00000002 dfc0: 00000000 00000000 003463b8 0000016d 00346378 00000000 00000001 76f9f0dc dfe0: 76f9ee88 76f9ee78 00018734 0012fc20 r8:8020029c r7:0000016d r6:003463b8 r5:00000000 r4:00000000