syzbot

INFO: task kworker/0:0:8 blocked for more than 143 seconds.
      Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:0     state:D stack:24664 pid:8     tgid:8     ppid:2      flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0x1961/0x4ab0 kernel/sched/core.c:6688
 __schedule_loop kernel/sched/core.c:6763 [inline]
 schedule+0x149/0x260 kernel/sched/core.c:6778
 usb_kill_urb+0x1c9/0x300 drivers/usb/core/urb.c:713
 usb_start_wait_urb+0x1b0/0x520 drivers/usb/core/message.c:65
 usb_internal_control_msg drivers/usb/core/message.c:103 [inline]
 usb_control_msg+0x2b1/0x4c0 drivers/usb/core/message.c:154
 get_bMaxPacketSize0 drivers/usb/core/hub.c:4748 [inline]
 hub_port_init+0xaa6/0x23a0 drivers/usb/core/hub.c:4944
 hub_port_connect drivers/usb/core/hub.c:5392 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5603 [inline]
 port_event drivers/usb/core/hub.c:5763 [inline]
 hub_event+0x2a3c/0x50a0 drivers/usb/core/hub.c:5845
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0x90f/0x1420 kernel/workqueue.c:2703
 worker_thread+0xa5f/0x1000 kernel/workqueue.c:2784
 kthread+0x2d3/0x370 kernel/kthread.c:388
 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
INFO: task syz-executor434:5062 blocked for more than 143 seconds.
      Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor434 state:D stack:24920 pid:5062  tgid:5062  ppid:5059   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0x1961/0x4ab0 kernel/sched/core.c:6688
 __schedule_loop kernel/sched/core.c:6763 [inline]
 schedule+0x149/0x260 kernel/sched/core.c:6778
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6835
 __mutex_lock_common kernel/locking/mutex.c:679 [inline]
 __mutex_lock+0x6a3/0xd60 kernel/locking/mutex.c:747
 device_lock include/linux/device.h:992 [inline]
 usbdev_release+0x7a/0x7d0 drivers/usb/core/devio.c:1096
 __fput+0x3cc/0xa10 fs/file_table.c:394
 __do_sys_close fs/open.c:1590 [inline]
 __se_sys_close fs/open.c:1575 [inline]
 __x64_sys_close+0x7e/0x100 fs/open.c:1575
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x45/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7f00960460e0
RSP: 002b:00007fff7bcbf2f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f00960460e0
RDX: 0000000000000007 RSI: 00007fff7bcbee30 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000f4240
R13: 00007fff7bcbf5a8 R14: 0000000000000001 R15: 00007fff7bcbf340
 </TASK>

Showing all locks held in the system:
5 locks held by kworker/0:0/8:
 #0: ffff88814766cd38 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:2605 [inline]
 #0: ffff88814766cd38 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420 kernel/workqueue.c:2703
 #1: ffffc900000d7d20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:2605 [inline]
 #1: ffffc900000d7d20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x825/0x1420 kernel/workqueue.c:2703
 #2: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:992 [inline]
 #2: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x50a0 drivers/usb/core/hub.c:5791
 #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3154 [inline]
 #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5360 [inline]
 #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5603 [inline]
 #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5763 [inline]
 #3: ffff8880202ec510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x26a5/0x50a0 drivers/usb/core/hub.c:5845
 #4: ffff8881433fde68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5361 [inline]
 #4: ffff8881433fde68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5603 [inline]
 #4: ffff8881433fde68 (hcd->address0_mutex){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5763 [inline]
 #4: ffff8881433fde68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x26d9/0x50a0 drivers/usb/core/hub.c:5845
1 lock held by khungtaskd/29:
 #0: ffffffff8d92d060 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:301 [inline]
 #0: ffffffff8d92d060 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:747 [inline]
 #0: ffffffff8d92d060 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6613
2 locks held by getty/4811:
 #0: ffff88802a0c20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b4/0x1e10 drivers/tty/n_tty.c:2201
1 lock held by syz-executor434/5062:
 #0: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:992 [inline]
 #0: ffff8880202e8190 (&dev->mutex){....}-{3:3}, at: usbdev_release+0x7a/0x7d0 drivers/usb/core/devio.c:1096

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 nmi_cpu_backtrace+0x498/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x310 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline]
 watchdog+0xfaf/0xff0 kernel/hung_task.c:379
 kthread+0x2d3/0x370 kernel/kthread.c:388
 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 12 Comm: kworker/u4:1 Not tainted 6.7.0-rc1-syzkaller-00012-g9bacdd8996c7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Workqueue:  0x0 (events_unbound)
RIP: 0010:___update_load_sum kernel/sched/pelt.c:190 [inline]
RIP: 0010:update_irq_load_avg+0xff/0xf50 kernel/sched/pelt.c:453
Code: 4d 8d af 00 0c 00 00 4c 89 eb 48 c1 eb 03 80 3c 33 00 74 12 4c 89 ef e8 bf 0c 82 00 48 be 00 00 00 00 00 fc ff df 49 8b 45 00 <49> 89 ee 49 29 c6 4c 89 7c 24 10 0f 88 83 00 00 00 31 ed 49 81 fe
RSP: 0018:ffffc900001177b0 EFLAGS: 00000046
RAX: 00000042ddbd6c00 RBX: 1ffff110173079e8 RCX: 1ffff11017307a17
RDX: 0000000000000000 RSI: dffffc0000000000 RDI: ffff8880b983cdc8
RBP: 00000042ddbd8442 R08: ffffffff8f00c16f R09: 1ffffffff1e0182d
R10: dffffc0000000000 R11: fffffbfff1e0182e R12: 00000042ddbd8442
R13: ffff8880b983cf40 R14: 0000000000000000 R15: ffff8880b983c340
FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005651c2174680 CR3: 000000000d730000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 __update_blocked_others kernel/sched/fair.c:9129 [inline]
 update_blocked_averages+0x3f4/0x1750 kernel/sched/fair.c:9257
 newidle_balance+0x481/0x1080 kernel/sched/fair.c:12182
 pick_next_task_fair+0x27a/0xdd0 kernel/sched/fair.c:8339
 __pick_next_task kernel/sched/core.c:5997 [inline]
 pick_next_task kernel/sched/core.c:6072 [inline]
 __schedule+0x7ce/0x4ab0 kernel/sched/core.c:6652
 __schedule_loop kernel/sched/core.c:6763 [inline]
 schedule+0x149/0x260 kernel/sched/core.c:6778
 worker_thread+0xc26/0x1000 kernel/workqueue.c:2799
 kthread+0x2d3/0x370 kernel/kthread.c:388
 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.310 msecs