INFO: task kworker/0:2:72 blocked for more than 143 seconds.
Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:2 state:D stack:21800 pid: 72 ppid: 2 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5183 [inline]
__schedule+0x93f/0x26f0 kernel/sched/core.c:6495
schedule+0xda/0x1b0 kernel/sched/core.c:6571
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6630
__mutex_lock_common kernel/locking/mutex.c:679 [inline]
__mutex_lock+0xa44/0x1350 kernel/locking/mutex.c:747
wpan_phy_register+0x23/0x150 net/ieee802154/core.c:142
ieee802154_register_hw+0x4d7/0x740 net/mac802154/main.c:223
atusb_probe+0xdc0/0x1150 drivers/net/ieee802154/atusb.c:981
usb_probe_interface+0x30b/0x7f0 drivers/usb/core/driver.c:396
call_driver_probe drivers/base/dd.c:560 [inline]
really_probe+0x249/0xb90 drivers/base/dd.c:639
__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778
driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808
__device_attach_driver+0x1d0/0x2e0 drivers/base/dd.c:936
bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
__device_attach+0x1e4/0x530 drivers/base/dd.c:1008
bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
device_add+0xbd5/0x1e90 drivers/base/core.c:3517
usb_set_configuration+0x1019/0x1900 drivers/usb/core/message.c:2170
usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
usb_probe_device+0xd4/0x2c0 drivers/usb/core/driver.c:293
call_driver_probe drivers/base/dd.c:560 [inline]
really_probe+0x249/0xb90 drivers/base/dd.c:639
__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778
driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808
__device_attach_driver+0x1d0/0x2e0 drivers/base/dd.c:936
bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
__device_attach+0x1e4/0x530 drivers/base/dd.c:1008
bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
device_add+0xbd5/0x1e90 drivers/base/core.c:3517
usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573
hub_port_connect drivers/usb/core/hub.c:5353 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]
port_event drivers/usb/core/hub.c:5653 [inline]
hub_event+0x26c7/0x45e0 drivers/usb/core/hub.c:5735
process_one_work+0x991/0x1610 kernel/workqueue.c:2289
worker_thread+0x665/0x1080 kernel/workqueue.c:2436
kthread+0x2ea/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
</TASK>
INFO: task kworker/0:4:4120 blocked for more than 143 seconds.
Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:4 state:D stack:22056 pid: 4120 ppid: 2 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5183 [inline]
__schedule+0x93f/0x26f0 kernel/sched/core.c:6495
schedule+0xda/0x1b0 kernel/sched/core.c:6571
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6630
__mutex_lock_common kernel/locking/mutex.c:679 [inline]
__mutex_lock+0xa44/0x1350 kernel/locking/mutex.c:747
unregister_netdev+0xe/0x20 net/core/dev.c:10901
r871xu_dev_remove+0x285/0x470 drivers/staging/rtl8712/usb_intf.c:597
usb_unbind_interface+0x1d8/0x8e0 drivers/usb/core/driver.c:458
device_remove drivers/base/dd.c:550 [inline]
device_remove+0x11f/0x170 drivers/base/dd.c:542
__device_release_driver drivers/base/dd.c:1249 [inline]
device_release_driver_internal+0x4a1/0x700 drivers/base/dd.c:1275
bus_remove_device+0x2e3/0x590 drivers/base/bus.c:529
device_del+0x4f3/0xc80 drivers/base/core.c:3704
usb_disable_device+0x356/0x7a0 drivers/usb/core/message.c:1419
usb_disconnect.cold+0x259/0x6ed drivers/usb/core/hub.c:2235
hub_port_connect drivers/usb/core/hub.c:5197 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]
port_event drivers/usb/core/hub.c:5653 [inline]
hub_event+0x1f86/0x45e0 drivers/usb/core/hub.c:5735
process_one_work+0x991/0x1610 kernel/workqueue.c:2289
worker_thread+0x665/0x1080 kernel/workqueue.c:2436
kthread+0x2ea/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
</TASK>
Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
#0: ffffffff87a94990 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507
1 lock held by khungtaskd/27:
#0: ffffffff87a954e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6492
6 locks held by kworker/0:2/72:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90001467da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffff88810f63d190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#2: ffff88810f63d190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
#3: ffff88811ac03190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#3: ffff88811ac03190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#4: ffff888109ee6118 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#4: ffff888109ee6118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#5: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: wpan_phy_register+0x23/0x150 net/ieee802154/core.c:142
3 locks held by kworker/1:2/719:
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc900022efda8 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xe/0x20 net/ipv6/addrconf.c:4624
3 locks held by kworker/1:3/1139:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90002f5fda8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffff88810f623190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#2: ffff88810f623190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
2 locks held by dhcpcd/1215:
#0: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x1b3/0x1ce0 net/ipv4/devinet.c:1070
#1: ffff888116b7cd70 (&padapter->mutex_start){+.+.}-{3:3}, at: netdev_open+0x2e/0x690 drivers/staging/rtl8712/os_intfs.c:374
2 locks held by getty/1237:
#0: ffff88810ec31098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:244
#1: ffffc900000452f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef0/0x13e0 drivers/tty/n_tty.c:2177
3 locks held by kworker/0:3/4118:
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888110d84938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90001d1fda8 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0xe/0x20 net/ipv6/addrconf.c:4624
6 locks held by kworker/0:4/4120:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90001d3fda8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffff88810f80b190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#2: ffff88810f80b190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
#3: ffff88811204e190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#3: ffff88811204e190 (&dev->mutex){....}-{3:3}, at: usb_disconnect.cold+0x43/0x6ed drivers/usb/core/hub.c:2226
#4: ffff888109b42118 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#4: ffff888109b42118 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1073 [inline]
#4: ffff888109b42118 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa0/0x700 drivers/base/dd.c:1272
#5: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdev+0xe/0x20 net/core/dev.c:10901
6 locks held by kworker/1:6/4174:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90001dafda8 ((work_completion)(&hub->events)){+.+.}-{0:0}
, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2:
ffff88810f7e3190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
ffff88810f7e3190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
#3: ffff88811f433190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#3: ffff88811f433190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#4: ffff8881184d0118 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#4: ffff8881184d0118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#5: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: register_netdev+0x11/0x50 net/core/dev.c:10177
6 locks held by kworker/0:8/6093:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc90002cffda8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffff88810f763190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#2: ffff88810f763190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
#3: ffff888139ac8190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#3: ffff888139ac8190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#4: ffff888139acf118 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#4: ffff888139acf118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#5: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: wpan_phy_register+0x23/0x150 net/ieee802154/core.c:142
6 locks held by kworker/1:8/9835:
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888109b81138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc9000e8e7da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
#2: ffff88810f783190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#2: ffff88810f783190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1bc/0x45e0 drivers/usb/core/hub.c:5681
#3: ffff888109b30190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#3: ffff888109b30190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#4: ffff888109b37118 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:835 [inline]
#4: ffff888109b37118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x76/0x530 drivers/base/dd.c:983
#5: ffffffff88af8ee8 (rtnl_mutex){+.+.}-{3:3}, at: register_netdev+0x11/0x50 net/core/dev.c:10177
2 locks held by kworker/u4:2/11900:
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff888100069138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x87a/0x1610 kernel/workqueue.c:2260
#1: ffffc900029d7da8 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x8ae/0x1610 kernel/workqueue.c:2264
3 locks held by udevd/13434:
#0: ffff888110e46488 (&of->mutex){+.+.}-{3:3}, at: kernfs_file_read_iter fs/kernfs/file.c:236 [inline]
#0: ffff888110e46488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_read_iter+0x189/0x7a0 fs/kernfs/file.c:276
#1: ffff88811988d660 (kn->active#20){++++}-{0:0}, at: kernfs_file_read_iter fs/kernfs/file.c:237 [inline]
#1: ffff88811988d660 (kn->active#20){++++}-{0:0}, at: kernfs_fop_read_iter+0x1ac/0x7a0 fs/kernfs/file.c:276
#2: ffff88811f433190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:840 [inline]
#2: ffff88811f433190 (&dev->mutex){....}-{3:3}, at: read_descriptors+0x3c/0x2c0 drivers/usb/core/sysfs.c:873
3 locks held by udevd/13442:
#0: ffff888118956888 (&of->mutex){+.+.}-{3:3}, at: kernfs_file_read_iter fs/kernfs/file.c:236 [inline]
#0: ffff888118956888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_read_iter+0x189/0x7a0 fs/kernfs/file.c:276
#1: ffff88813a9b9ae8 (kn->active#20){++++}-{0:0}, at: kernfs_file_read_iter fs/kernfs/file.c:237 [inline]
#1: ffff88813a9b9ae8 (kn->active#20){++++}-{0:0}, at: kernfs_fop_read_iter+0x1ac/0x7a0 fs/kernfs/file.c:276
#2: ffff88811ac03190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:840 [inline]
#2: ffff88811ac03190 (&dev->mutex){....}-{3:3}, at: read_descriptors+0x3c/0x2c0 drivers/usb/core/sysfs.c:873
3 locks held by udevd/13453:
#0: ffff88811b9b6888 (&of->mutex){+.+.}-{3:3}, at: kernfs_file_read_iter fs/kernfs/file.c:236 [inline]
#0: ffff88811b9b6888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_read_iter+0x189/0x7a0 fs/kernfs/file.c:276
#1: ffff88810e601e88 (kn->active#20){++++}-{0:0}, at: kernfs_file_read_iter fs/kernfs/file.c:237 [inline]
#1: ffff88810e601e88 (kn->active#20){++++}-{0:0}, at: kernfs_fop_read_iter+0x1ac/0x7a0 fs/kernfs/file.c:276
#2: ffff888109b2e190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:840 [inline]
#2: ffff888109b2e190 (&dev->mutex){....}-{3:3}, at: read_descriptors+0x3c/0x2c0 drivers/usb/core/sysfs.c:873
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
nmi_cpu_backtrace.cold+0x46/0x14f lib/nmi_backtrace.c:111
nmi_trigger_cpumask_backtrace+0x206/0x250 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:212 [inline]
watchdog+0xc18/0xf50 kernel/hung_task.c:369
kthread+0x2ea/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
</TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 1139 Comm: kworker/1:3 Not tainted 6.0.0-syzkaller-09039-ga6afa4199d3d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
Workqueue: usb_hub_wq hub_event
RIP: 0010:lookup_chain_cache kernel/locking/lockdep.c:3722 [inline]
RIP: 0010:lookup_chain_cache_add kernel/locking/lockdep.c:3742 [inline]
RIP: 0010:validate_chain kernel/locking/lockdep.c:3797 [inline]
RIP: 0010:__lock_acquire+0x16ca/0x56d0 kernel/locking/lockdep.c:5053
Code: 00 00 48 8d 14 ed 20 b6 fa 8a 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 22 3f 00 00 48 8b 1c ed 20 b6 fa 8a <48> 85 db 74 65 48 83 eb 08 74 5f 49 be 00 00 00 00 00 fc ff df 48
RSP: 0018:ffffc90000188ac0 EFLAGS: 00000046
RAX: dffffc0000000000 RBX: ffffffff89fc7508 RCX: ffffffff8129d08e
RDX: 1ffffffff160716b RSI: 0000000000000008 RDI: ffffffff8b0c36c0
RBP: 0000000000011aa7 R08: 0000000000000000 R09: ffffffff8b0c36c7
R10: fffffbfff16186d8 R11: 0000000000000001 R12: ffff888110f84410
R13: ffff888110f83900 R14: ffff888110f842f8 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5793a33300 CR3: 0000000133da8000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
lock_acquire kernel/locking/lockdep.c:5666 [inline]
lock_acquire+0x1ab/0x570 kernel/locking/lockdep.c:5631
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:162
debug_object_deactivate lib/debugobjects.c:732 [inline]
debug_object_deactivate+0x101/0x300 lib/debugobjects.c:720
debug_timer_deactivate kernel/time/timer.c:787 [inline]
debug_deactivate kernel/time/timer.c:831 [inline]
detach_timer kernel/time/timer.c:878 [inline]
expire_timers kernel/time/timer.c:1508 [inline]
__run_timers.part.0+0x517/0xa80 kernel/time/timer.c:1790
__run_timers kernel/time/timer.c:1768 [inline]
run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1803
__do_softirq+0x1bd/0x9ab kernel/softirq.c:571
invoke_softirq kernel/softirq.c:445 [inline]
__irq_exit_rcu+0x113/0x170 kernel/softirq.c:650
irq_exit_rcu+0x5/0x20 kernel/softirq.c:662
sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1107
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:27 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:166 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:200
Code: 48 89 ef 5d e9 f1 5e 33 00 5d be 03 00 00 00 e9 26 a1 d0 00 66 0f 1f 44 00 00 48 8b be a8 01 00 00 e8 b4 ff ff ff 31 c0 c3 90 <65> 8b 05 09 60 bc 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
RSP: 0018:ffffc90002f5ebd8 EFLAGS: 00000246
RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc9000c9ce000
RDX: 0000000000040000 RSI: ffffffff812c8ae1 RDI: 0000000000000007
RBP: ffffc90002f5ec18 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000200 R11: 0000000000000000 R12: 000000000000004f
R13: ffff8881008b5580 R14: 0000000000000200 R15: ffffc90002f5ed38
console_trylock_spinning kernel/printk/printk.c:1922 [inline]
vprintk_emit+0x3f7/0x5f0 kernel/printk/printk.c:2270
dev_vprintk_emit+0x36e/0x3b2 drivers/base/core.c:4736
dev_printk_emit+0xba/0xf1 drivers/base/core.c:4747
__dev_printk+0xcf/0xf5 drivers/base/core.c:4759
_dev_warn+0xd7/0x109 drivers/base/core.c:4803
imon_ir_change_protocol.cold+0x22/0xa3 drivers/media/rc/imon.c:1144
rc_prepare_rx_device drivers/media/rc/rc-main.c:1812 [inline]
rc_register_device+0x948/0x16b0 drivers/media/rc/rc-main.c:1927
imon_init_rdev drivers/media/rc/imon.c:2010 [inline]
imon_init_intf0 drivers/media/rc/imon.c:2282 [inline]
imon_probe+0x2237/0x2bd0 drivers/media/rc/imon.c:2433
usb_probe_interface+0x30b/0x7f0 drivers/usb/core/driver.c:396
call_driver_probe drivers/base/dd.c:560 [inline]
really_probe+0x249/0xb90 drivers/base/dd.c:639
__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778
driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808
__device_attach_driver+0x1d0/0x2e0 drivers/base/dd.c:936
bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
__device_attach+0x1e4/0x530 drivers/base/dd.c:1008
bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
device_add+0xbd5/0x1e90 drivers/base/core.c:3517
usb_set_configuration+0x1019/0x1900 drivers/usb/core/message.c:2170
usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
usb_probe_device+0xd4/0x2c0 drivers/usb/core/driver.c:293
call_driver_probe drivers/base/dd.c:560 [inline]
really_probe+0x249/0xb90 drivers/base/dd.c:639
__driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778
driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808
__device_attach_driver+0x1d0/0x2e0 drivers/base/dd.c:936
bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
__device_attach+0x1e4/0x530 drivers/base/dd.c:1008
bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
device_add+0xbd5/0x1e90 drivers/base/core.c:3517
usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573
hub_port_connect drivers/usb/core/hub.c:5353 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]
port_event drivers/usb/core/hub.c:5653 [inline]
hub_event+0x26c7/0x45e0 drivers/usb/core/hub.c:5735
process_one_work+0x991/0x1610 kernel/workqueue.c:2289
worker_thread+0x665/0x1080 kernel/workqueue.c:2436
kthread+0x2ea/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
</TASK>