syzbot

 sign-in | mailing list | source | docs
🐞 Open [1593]
Subsystems
🐞 Fixed [6224]
🐞 Invalid [15741]
Missing Backports [182]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: task hung in ieee80211_register_hw (4)

Status: auto-obsoleted due to no activity on 2023/10/29 15:52
Subsystems: wireless
[Documentation on labels]
First crash: 650d, last: 650d
Similar bugs (9)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 INFO: task hung in ieee80211_register_hw 4 330d 335d 0/3 auto-obsoleted due to no activity on 2024/09/23 16:13
upstream INFO: task hung in ieee80211_register_hw (2) wireless 2 1196d 1254d 0/28 closed as invalid on 2022/02/08 09:40
linux-4.19 INFO: task hung in ieee80211_register_hw 1 964d 964d 0/1 auto-obsoleted due to no activity on 2023/01/18 17:32
upstream INFO: task hung in ieee80211_register_hw (6) wireless 4 328d 354d 0/28 auto-obsoleted due to no activity on 2024/09/16 03:48
upstream INFO: task hung in ieee80211_register_hw (5) wireless 1 482d 482d 0/28 auto-obsoleted due to no activity on 2024/04/15 01:54
linux-5.15 INFO: task hung in ieee80211_register_hw 1 339d 339d 0/3 auto-obsoleted due to no activity on 2024/09/15 00:03
upstream INFO: task hung in ieee80211_register_hw (3) wireless 1 1163d 1163d 0/28 auto-closed as invalid on 2022/06/03 18:58
upstream INFO: task hung in ieee80211_register_hw (7) wireless syz 5 192d 207d 0/28 closed as invalid on 2024/11/22 14:52
upstream INFO: task hung in ieee80211_register_hw wireless 1 1881d 1881d 0/28 auto-closed as invalid on 2020/06/15 23:33

Sample crash report:
INFO: task kworker/1:4:5297 blocked for more than 143 seconds.
      Not tainted 6.5.0-rc4-syzkaller-00075-g98a9e32bdf25 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:4     state:D stack:22384 pid:5297  ppid:2      flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5381 [inline]
 __schedule+0xc79/0x30a0 kernel/sched/core.c:6710
 schedule+0xe7/0x1b0 kernel/sched/core.c:6786
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6845
 __mutex_lock_common kernel/locking/mutex.c:679 [inline]
 __mutex_lock+0x967/0x1340 kernel/locking/mutex.c:747
 ieee80211_register_hw+0x2136/0x42c0 net/mac80211/main.c:1335
 probe+0x20a/0x970 drivers/net/wireless/zydas/zd1211rw/zd_usb.c:1393
 usb_probe_interface+0x307/0x930 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x234/0xc90 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:798
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:828
 __device_attach_driver+0x1d4/0x300 drivers/base/dd.c:956
 bus_for_each_drv+0x157/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1028
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x11f1/0x1b40 drivers/base/core.c:3625
 usb_set_configuration+0x10cb/0x1c40 drivers/usb/core/message.c:2212
 usb_generic_driver_probe+0xca/0x130 drivers/usb/core/generic.c:238
 usb_probe_device+0xda/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x234/0xc90 drivers/base/dd.c:658
 __driver_probe_device+0x1de/0x4b0 drivers/base/dd.c:798
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:828
 __device_attach_driver+0x1d4/0x300 drivers/base/dd.c:956
 bus_for_each_drv+0x157/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e8/0x4b0 drivers/base/dd.c:1028
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x11f1/0x1b40 drivers/base/core.c:3625
 usb_new_device+0xd80/0x1960 drivers/usb/core/hub.c:2613
 hub_port_connect drivers/usb/core/hub.c:5445 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5589 [inline]
 port_event drivers/usb/core/hub.c:5749 [inline]
 hub_event+0x30fd/0x5330 drivers/usb/core/hub.c:5831
 process_one_work+0xaa2/0x16f0 kernel/workqueue.c:2597
 worker_thread+0x687/0x1110 kernel/workqueue.c:2748
 kthread+0x33a/0x430 kernel/kthread.c:389
 ret_from_fork+0x2c/0x70 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>
INFO: task kworker/1:7:5700 blocked for more than 143 seconds.
      Not tainted 6.5.0-rc4-syzkaller-00075-g98a9e32bdf25 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:7     state:D
 stack:21936 pid:5700  ppid:2      flags:0x00004000
Workqueue: usb_hub_wq hub_event

Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5381 [inline]
 __schedule+0xc79/0x30a0 kernel/sched/core.c:6710
 schedule+0xe7/0x1b0 kernel/sched/core.c:6786
 schedule_timeout+0x27a/0x2c0 kernel/time/timer.c:2143
 do_wait_for_common kernel/sched/completion.c:85 [inline]
 __wait_for_common+0x3e2/0x5f0 kernel/sched/completion.c:106
 r871xu_dev_remove+0x8a/0x480 drivers/staging/rtl8712/usb_intf.c:595
 usb_unbind_interface+0x1dd/0x8d0 drivers/usb/core/driver.c:458
 device_remove drivers/base/dd.c:569 [inline]
 device_remove+0x11f/0x170 drivers/base/dd.c:561
 __device_release_driver drivers/base/dd.c:1270 [inline]
 device_release_driver_internal+0x44a/0x610 drivers/base/dd.c:1293
 bus_remove_device+0x22c/0x420 drivers/base/bus.c:574
 device_del+0x39a/0xa40 drivers/base/core.c:3814
 usb_disable_device+0x36c/0x7f0 drivers/usb/core/message.c:1421
 usb_disconnect+0x2e1/0x890 drivers/usb/core/hub.c:2276
 hub_port_connect drivers/usb/core/hub.c:5284 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5589 [inline]
 port_event drivers/usb/core/hub.c:5749 [inline]
 hub_event+0x2221/0x5330 drivers/usb/core/hub.c:5831
 process_one_work+0xaa2/0x16f0 kernel/workqueue.c:2597
 process_scheduled_works kernel/workqueue.c:2664 [inline]
 worker_thread+0x896/0x1110 kernel/workqueue.c:2750
 kthread+0x33a/0x430 kernel/kthread.c:389
 ret_from_fork+0x2c/0x70 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>
INFO: task kworker/1:0:8155 blocked for more than 144 seconds.
      Not tainted 6.5.0-rc4-syzkaller-00075-g98a9e32bdf25 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:0     state:D stack:22944 pid:8155  ppid:2      flags:0x00004000
Workqueue: usb_hub_wq hub_event

Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5381 [inline]
 __schedule+0xc79/0x30a0 kernel/sched/core.c:6710
 schedule+0xe7/0x1b0 kernel/sched/core.c:6786
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6845
 __mutex_lock_common kernel/locking/mutex.c:679 [inline]
 __mutex_lock+0x967/0x1340 kernel/locking/mutex.c:747
 unregister_netdev+0x12/0x30 net/core/dev.c:10923
 r871xu_dev_remove+0x28e/0x480 drivers/staging/rtl8712/usb_intf.c:597
 usb_unbind_interface+0x1dd/0x8d0 drivers/usb/core/driver.c:458
 device_remove drivers/base/dd.c:569 [inline]
 device_remove+0x11f/0x170 drivers/base/dd.c:561
 __device_release_driver drivers/base/dd.c:1270 [inline]
 device_release_driver_internal+0x44a/0x610 drivers/base/dd.c:1293
 bus_remove_device+0x22c/0x420 drivers/base/bus.c:574
 device_del+0x39a/0xa40 drivers/base/core.c:3814
 usb_disable_device+0x36c/0x7f0 drivers/usb/core/message.c:1421
 usb_disconnect+0x2e1/0x890 drivers/usb/core/hub.c:2276
 hub_port_connect drivers/usb/core/hub.c:5284 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5589 [inline]
 port_event drivers/usb/core/hub.c:5749 [inline]
 hub_event+0x2221/0x5330 drivers/usb/core/hub.c:5831
 process_one_work+0xaa2/0x16f0 kernel/workqueue.c:2597
 worker_thread+0x687/0x1110 kernel/workqueue.c:2748
 kthread+0x33a/0x430 kernel/kthread.c:389
 ret_from_fork+0x2c/0x70 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffffffff87ea74b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x2c/0xe20 kernel/rcu/tasks.h:522
1 lock held by rcu_tasks_trace/13:
 #0: ffffffff87ea71b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x2c/0xe20 kernel/rcu/tasks.h:522
1 lock held by khungtaskd/28:
 #0: 
ffffffff87ea80c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x340 kernel/locking/lockdep.c:6615
6 locks held by kworker/0:2/2333:
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:675 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: 
ffffc900069efd80
 (
(work_completion)(&hub->events)
){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: 
ffff888105fea190
 (&dev->mutex){....}-{3:3}
, at: device_lock include/linux/device.h:958 [inline]
, at: hub_event+0x1cc/0x5330 drivers/usb/core/hub.c:5777
 #3: ffff88811f8d0190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #3: ffff88811f8d0190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
 #4: 
ffff88813e60c160 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
ffff88813e60c160 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
 #5: ffffffff88f955e8 (rtnl_mutex){+.+.}-{3:3}, at: wpan_phy_register+0x27/0x160 net/ieee802154/core.c:145
1 lock held by klogd/2364:
 #0: ffff8881f663b218 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:558 [inline]
 #0: ffff8881f663b218 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1366 [inline]
 #0: ffff8881f663b218 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1675 [inline]
 #0: ffff8881f663b218 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x290/0x30a0 kernel/sched/core.c:6627
2 locks held by dhcpcd/2411:
 #0: ffffffff88f955e8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x1d3/0x1f00 net/ipv4/devinet.c:1074
 #1: ffff888144b7cdb0 (&padapter->mutex_start){+.+.}-{3:3}, at: netdev_open+0x32/0x820 drivers/staging/rtl8712/os_intfs.c:391
2 locks held by getty/2431:
 #0: 
ffff888114b40098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc900000452f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfcb/0x1480 drivers/tty/n_tty.c:2187
6 locks held by kworker/1:4/5297:
 #0: ffff88810c65e538 (
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:675 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
(wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc90001927d80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffff888105bfd190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #2: ffff888105bfd190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1cc/0x5330 drivers/usb/core/hub.c:5777
 #3: ffff888119c23190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #3: ffff888119c23190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
 #4: ffff88811cc05160 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #4: ffff88811cc05160 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
 #5: ffffffff88f955e8 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_register_hw+0x2136/0x42c0 net/mac80211/main.c:1335
3 locks held by kworker/1:6/5446:
 #0: ffff888100070d38
 ((wq_completion)events
){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
){+.+.}-{0:0}, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
){+.+.}-{0:0}, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:675 [inline]
){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
){+.+.}-{0:0}, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc9000296fd80 ((work_completion)(&fw_work->work)
){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffffffff88f955e8 (rtnl_mutex){+.+.}-{3:3}, at: register_netdev+0x13/0x50 net/core/dev.c:10177
5 locks held by kworker/1:7/5700:
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:675 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc90002f6fd80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffff888106755190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #2: ffff888106755190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1cc/0x5330 drivers/usb/core/hub.c:5777
 #3: ffff88813eb86190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #3: ffff88813eb86190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x10a/0x890 drivers/usb/core/hub.c:2267
 #4: ffff888105b73160 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #4: ffff888105b73160 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1093 [inline]
 #4: ffff888105b73160 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 drivers/base/dd.c:1290
3 locks held by kworker/1:8/16735:
4 locks held by kworker/0:8/24420:
5 locks held by kworker/0:9/29430:
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}
, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
, at: set_work_data kernel/workqueue.c:675 [inline]
, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc90007467d80
 ((work_completion)(&hub->events)
){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffff888105f5d190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #2: ffff888105f5d190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1cc/0x5330 drivers/usb/core/hub.c:5777
 #3: ffff888139d8c190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #3: ffff888139d8c190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
 #4: ffff8881194fc160 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #4: ffff8881194fc160 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7f/0x4b0 drivers/base/dd.c:1003
3 locks held by kworker/1:2/29638:
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:675 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc9000a3b7d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffffffff88f955e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4635
3 locks held by kworker/0:3/768:
 #0: ffff88810b3ca938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}
, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
, at: set_work_data kernel/workqueue.c:675 [inline]
, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc90003047d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}
, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffffffff88f955e8 (rtnl_mutex
){+.+.}-{3:3}
, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4635
5 locks held by udevd/3337:
 #0: ffff88811e8359c8
 (&f->f_pos_lock
){+.+.}-{3:3}
, at: __fdget_pos+0x99/0xb0 fs/file.c:1046
 #1: ffff8881037e1790
 (&p->lock
){+.+.}-{3:3}
, at: seq_read_iter+0xda/0x1280 fs/seq_file.c:182
 #2: 
ffff888112e9c088
 (&of->mutex
){+.+.}-{3:3}
, at: kernfs_seq_start+0x4b/0x460 fs/kernfs/file.c:154
 #3: ffff88810b32f918 (kn->active#33){++++}-{0:0}, at: kernfs_seq_start+0x6f/0x460 fs/kernfs/file.c:155
 #4: 
ffff88813eb86190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:963 [inline]
ffff88813eb86190 (&dev->mutex){....}-{3:3}, at: serial_show+0x26/0xa0 drivers/usb/core/sysfs.c:143
6 locks held by kworker/1:0/8155:
 #0: ffff88810c65e538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}
, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:20 [inline]
, at: raw_atomic64_set include/linux/atomic/atomic-arch-fallback.h:2608 [inline]
, at: raw_atomic_long_set include/linux/atomic/atomic-long.h:79 [inline]
, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:3196 [inline]
, at: set_work_data kernel/workqueue.c:675 [inline]
, at: set_work_pool_and_clear_pending kernel/workqueue.c:702 [inline]
, at: process_one_work+0x96a/0x16f0 kernel/workqueue.c:2567
 #1: ffffc9001075fd80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x99e/0x16f0 kernel/workqueue.c:2571
 #2: ffff88810673d190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #2: ffff88810673d190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1cc/0x5330 drivers/usb/core/hub.c:5777
 #3: ffff888143566190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #3: ffff888143566190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x10a/0x890 drivers/usb/core/hub.c:2267
 #4: ffff8881143e1160 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:958 [inline]
 #4: ffff8881143e1160 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1093 [inline]
 #4: ffff8881143e1160 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 drivers/base/dd.c:1290
 #5: ffffffff88f955e8
 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdev+0x12/0x30 net/core/dev.c:10923

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.5.0-rc4-syzkaller-00075-g98a9e32bdf25 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106
 nmi_cpu_backtrace+0x277/0x380 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x27b/0x2e0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline]
 watchdog+0xf29/0x11b0 kernel/hung_task.c:379
 kthread+0x33a/0x430 kernel/kthread.c:389
 ret_from_fork+0x2c/0x70 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 29430 Comm: kworker/0:9 Not tainted 6.5.0-rc4-syzkaller-00075-g98a9e32bdf25 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
Workqueue: events legacy_dvb_usb_read_remote_control
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:67 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/irqflags.h:103 [inline]
RIP: 0010:lock_acquire kernel/locking/lockdep.c:5757 [inline]
RIP: 0010:lock_acquire+0x15d/0x510 kernel/locking/lockdep.c:5726
Code: 0c 01 48 89 f8 83 e0 07 83 c0 03 38 c8 7c 08 84 c9 0f 85 75 03 00 00 8b 92 7c 0a 00 00 85 d2 0f 85 d2 00 00 00 9c 8f 44 24 08 <48> 8b 6c 24 08 fa 48 c7 c7 60 99 87 86 e8 c1 8f 11 05 48 89 e8 45
RSP: 0018:ffffc90000007c88 EFLAGS: 00000046
RAX: 0000000000000007 RBX: 1ffff92000000f93 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff86a58fa0 RDI: ffff888144a6277c
RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff12625ea
R10: ffffffff89312f57 R11: 0000000000001c00 R12: 0000000000000001
R13: 0000000000000000 R14: ffff8881f66294d8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881f6600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2ed23000 CR3: 000000013255b000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline]
 _raw_spin_lock_irq+0x36/0x50 kernel/locking/spinlock.c:170
 __run_timers+0x104/0xb10 kernel/time/timer.c:2004
 run_timer_softirq+0x58/0xd0 kernel/time/timer.c:2035
 __do_softirq+0x20b/0x94e kernel/softirq.c:553
 invoke_softirq kernel/softirq.c:427 [inline]
 __irq_exit_rcu kernel/softirq.c:632 [inline]
 irq_exit_rcu+0xa7/0x110 kernel/softirq.c:644
 sysvec_apic_timer_interrupt+0x8e/0xb0 arch/x86/kernel/apic/apic.c:1109
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645
RIP: 0010:console_trylock_spinning kernel/printk/printk.c:1972 [inline]
RIP: 0010:vprintk_emit+0x3f6/0x640 kernel/printk/printk.c:2306
Code: 00 00 e8 cd d8 1b 00 9c 8f 45 d0 48 8b 45 d0 31 ff 25 00 02 00 00 49 89 c6 48 89 c6 e8 43 d4 1b 00 4d 85 f6 0f 85 fa 01 00 00 <f3> 0f 1e fa e8 a1 d8 1b 00 45 31 c9 41 b8 01 00 00 00 31 c9 68 a6
RSP: 0018:ffffc90007467b08 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 000000000000003a RCX: 0000000000000000
RDX: ffff888144a61d00 RSI: ffffffff8130749a RDI: 0000000000000007
RBP: ffffc90007467b40 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000000 R11: 0a2e746e65766520 R12: 0000000000000200
R13: ffff888104a55700 R14: 0000000000000001 R15: 0000000000000000
 vprintk+0x89/0xa0 kernel/printk/printk_safe.c:50
 _printk+0xc8/0x100 kernel/printk/printk.c:2328
 legacy_dvb_usb_read_remote_control+0x403/0x4f0 drivers/media/usb/dvb-usb/dvb-usb-remote.c:124
 process_one_work+0xaa2/0x16f0 kernel/workqueue.c:2597
 worker_thread+0x687/0x1110 kernel/workqueue.c:2748
 kthread+0x33a/0x430 kernel/kthread.c:389
 ret_from_fork+0x2c/0x70 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/07/31 15:44 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 98a9e32bdf25 2a0d0f29 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb INFO: task hung in ieee80211_register_hw
* Struck through repros no longer work on HEAD.