INFO: task syz-executor:6526 blocked for more than 148 seconds.
Not tainted 6.16.0-rc6-syzkaller-gaaef6f251176 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:0 pid:6526 tgid:6526 ppid:6524 task_flags:0x400140 flags:0x00000010
Call trace:
__switch_to+0x414/0x834 arch/arm64/kernel/process.c:741 (T)
context_switch kernel/sched/core.c:5397 [inline]
__schedule+0x1414/0x2a28 kernel/sched/core.c:6786
__schedule_loop kernel/sched/core.c:6864 [inline]
schedule+0xb4/0x230 kernel/sched/core.c:6879
schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6936
__mutex_lock_common+0xbd0/0x2190 kernel/locking/mutex.c:679
__mutex_lock kernel/locking/mutex.c:747 [inline]
mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:799
cgroup_lock include/linux/cgroup.h:387 [inline]
cgroup_kn_lock_live+0x150/0x230 kernel/cgroup/cgroup.c:1686
cgroup_mkdir+0x5c/0xafc kernel/cgroup/cgroup.c:5863
kernfs_iop_mkdir+0x1e8/0x26c fs/kernfs/dir.c:1268
vfs_mkdir+0x284/0x424 fs/namei.c:4375
do_mkdirat+0x1f8/0x4c8 fs/namei.c:4408
__do_sys_mkdirat fs/namei.c:4425 [inline]
__se_sys_mkdirat fs/namei.c:4423 [inline]
__arm64_sys_mkdirat+0x8c/0xa4 fs/namei.c:4423
__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
el0_svc+0x58/0x180 arch/arm64/kernel/entry-common.c:879
el0t_64_sync_handler+0x84/0x12c arch/arm64/kernel/entry-common.c:898
el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:596
Showing all locks held in the system:
1 lock held by kworker/0:0/9:
#0: ffff00019bea3798 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:606 [inline]
#0: ffff00019bea3798 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1532 [inline]
#0: ffff00019bea3798 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1856 [inline]
#0: ffff00019bea3798 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x340/0x2a28 kernel/sched/core.c:6710
4 locks held by kworker/0:1/11:
#0: ffff0000f5177148 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff800097a87bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff0000cc1c5308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x180/0x988 drivers/net/wireguard/noise.c:742
#3: ffff0000cc3fc890 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x20c/0x988 drivers/net/wireguard/noise.c:753
3 locks held by kworker/u8:0/12:
7 locks held by kworker/u8:1/13:
1 lock held by kworker/R-mm_pe/14:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
3 locks held by kworker/1:0/24:
2 locks held by kworker/1:1/26:
1 lock held by khungtaskd/32:
#0: ffff80008f869980 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 include/linux/rcupdate.h:330
3 locks held by kworker/u8:2/41:
3 locks held by kworker/u8:3/42:
4 locks held by pr/ttyAMA0/43:
4 locks held by kworker/u8:4/295:
3 locks held by kworker/u8:5/344:
3 locks held by kworker/u8:6/498:
3 locks held by kworker/u8:7/560:
#0: ffff0000c0031948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff800099ba7bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff8000928c78e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
3 locks held by kworker/u8:8/620:
#0: ffff0000d29ff148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff80009d077bc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff8000928c78e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
3 locks held by kworker/u8:9/692:
2 locks held by kworker/0:2/2313:
1 lock held by kworker/R-mld/4170:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-bat_e/4252:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x86c/0xec8 kernel/workqueue.c:3531
3 locks held by kworker/u8:10/4549:
#0: ffff0000c0031948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff8000a2827bc0 ((crda_timeout).work){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff8000928c78e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
1 lock held by klogd/6130:
2 locks held by udevd/6141:
1 lock held by dhcpcd/6195:
1 lock held by dhcpcd/6196:
1 lock held by crond/6270:
4 locks held by kworker/0:3/6277:
#0: ffff0000c0028d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff8000a5c97bc0 (reg_work){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff8000928c78e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
#3: ffff0000db0a8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6062 [inline]
#3: ffff0000db0a8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_process_self_managed_hints+0xc4/0x1c0 net/wireless/reg.c:3209
2 locks held by getty/6297:
#0: ffff0000d32a30a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
#1: ffff80009ba4b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x34c/0xfa4 drivers/tty/n_tty.c:2222
1 lock held by syz-executor/6515:
2 locks held by udevd/6519:
3 locks held by syz-executor/6526:
#0: ffff0000c2cee428 (sb_writers#7){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:557
#1: ffff0000dcb86e90 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:914 [inline]
#1: ffff0000dcb86e90 (&type->i_mutex_dir_key#6/1){+.+.}-{4:4}, at: filename_create+0x1ac/0x3b4 fs/namei.c:4148
#2: ffff80008f8a0768 (cgroup_mutex){+.+.}-{4:4}, at: cgroup_lock include/linux/cgroup.h:387 [inline]
#2: ffff80008f8a0768 (cgroup_mutex){+.+.}-{4:4}, at: cgroup_kn_lock_live+0x150/0x230 kernel/cgroup/cgroup.c:1686
2 locks held by kworker/1:2/6527:
6 locks held by kworker/u9:2/6529:
#0: ffff0000c90f9948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff8000a5b47bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff0000c8e88dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x184/0x33c net/bluetooth/hci_sync.c:331
#3: ffff0000c8e880b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1a0/0xb8c net/bluetooth/hci_sync.c:5670
#4: ffff800092a304e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2052 [inline]
#4: ffff800092a304e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x13c/0x318 net/bluetooth/hci_conn.c:1275
#5: ffff0000c90fa338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x74/0x5f0 net/bluetooth/l2cap_core.c:1762
2 locks held by syz-executor/6530:
2 locks held by syz-executor/6535:
#0: ffff80009292d270 (cb_lock){++++}-{4:4}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:1218
#1: ffff8000928c78e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
4 locks held by syz-executor/6536:
4 locks held by kworker/u9:6/6539:
#0: ffff0000cadc3148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff8000a5a87bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff0000caeb8dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x184/0x33c net/bluetooth/hci_sync.c:331
#3: ffff0000caeb80b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1a0/0xb8c net/bluetooth/hci_sync.c:5670
2 locks held by kworker/R-wg-cr/6558:
1 lock held by kworker/R-wg-cr/6561:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6563:
1 lock held by kworker/R-wg-cr/6564:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x86c/0xec8 kernel/workqueue.c:3531
1 lock held by kworker/R-wg-cr/6565:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6567:
1 lock held by kworker/R-wg-cr/6568:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6569:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6571:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6572:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6573:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_detach_from_pool kernel/workqueue.c:2736 [inline]
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x86c/0xec8 kernel/workqueue.c:3531
1 lock held by kworker/R-wg-cr/6574:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
1 lock held by kworker/R-wg-cr/6576:
#0: ffff80008f7113c8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x40/0x348 kernel/workqueue.c:2678
4 locks held by kworker/0:4/6583:
2 locks held by kworker/0:5/6584:
2 locks held by kworker/1:3/6595:
3 locks held by kworker/1:4/6610:
2 locks held by kworker/0:6/6611:
2 locks held by kworker/1:5/6638:
3 locks held by kworker/u8:11/6647:
3 locks held by kworker/u8:12/6648:
3 locks held by kworker/u8:13/6649:
2 locks held by kworker/0:7/6650:
4 locks held by kworker/u8:14/6655:
3 locks held by kworker/u8:15/6658:
4 locks held by kworker/0:8/6659:
#0: ffff0000dbbf1948 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_one_work+0x63c/0x155c kernel/workqueue.c:3212
#1: ffff8000a34e7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_one_work+0x6d4/0x155c kernel/workqueue.c:3212
#2: ffff0000cd191308 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x130/0x748 drivers/net/wireguard/noise.c:598
#3: ffff0000f64e8338 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x414/0x748 drivers/net/wireguard/noise.c:632
2 locks held by kworker/u8:16/6660:
=============================================