INFO: task kworker/u4:0:9 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u4:0 state:D stack: 0 pid: 9 ppid: 2 flags:0x00000008 Workqueue: events_power_efficient crda_timeout_work Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 crda_timeout_work+0x1c/0x68 net/wireless/reg.c:537 process_one_work+0x790/0x11b8 kernel/workqueue.c:2310 worker_thread+0x910/0x1034 kernel/workqueue.c:2457 kthread+0x37c/0x45c kernel/kthread.c:334 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870 INFO: task syz.3.79:4236 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.3.79 state:D stack: 0 pid: 4236 ppid: 3977 flags:0x00000001 Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 __tun_chr_ioctl+0x4e0/0x2dd4 drivers/net/tun.c:3049 tun_chr_ioctl+0x38/0x4c drivers/net/tun.c:3346 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:874 [inline] __se_sys_ioctl fs/ioctl.c:860 [inline] __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:860 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584 INFO: task syz.3.79:4241 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.3.79 state:D stack: 0 pid: 4241 ppid: 3977 flags:0x00000009 Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 devinet_ioctl+0x278/0x17fc net/ipv4/devinet.c:1066 inet_ioctl+0x2ac/0x500 net/ipv4/af_inet.c:978 packet_ioctl+0x1e0/0x450 net/packet/af_packet.c:4201 sock_do_ioctl+0x134/0x2dc net/socket.c:1140 sock_ioctl+0x4f0/0x8ac net/socket.c:1257 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:874 [inline] __se_sys_ioctl fs/ioctl.c:860 [inline] __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:860 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584 INFO: task syz.2.88:4256 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.2.88 state:D stack: 0 pid: 4256 ppid: 3975 flags:0x00000009 Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 nl80211_pre_doit+0x3c/0x494 net/wireless/nl80211.c:14965 genl_family_rcv_msg_doit net/netlink/genetlink.c:726 [inline] genl_family_rcv_msg net/netlink/genetlink.c:775 [inline] genl_rcv_msg+0xbc8/0x1018 net/netlink/genetlink.c:792 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2508 genl_rcv+0x38/0x50 net/netlink/genetlink.c:803 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline] netlink_unicast+0x664/0x938 net/netlink/af_netlink.c:1356 netlink_sendmsg+0x844/0xb38 net/netlink/af_netlink.c:1924 sock_sendmsg_nosec net/socket.c:704 [inline] __sock_sendmsg net/socket.c:716 [inline] ____sys_sendmsg+0x584/0x870 net/socket.c:2431 ___sys_sendmsg+0x214/0x294 net/socket.c:2485 __sys_sendmsg net/socket.c:2514 [inline] __do_sys_sendmsg net/socket.c:2523 [inline] __se_sys_sendmsg net/socket.c:2521 [inline] __arm64_sys_sendmsg+0x1ac/0x25c net/socket.c:2521 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584 INFO: task syz.4.89:4263 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.4.89 state:D stack: 0 pid: 4263 ppid: 3978 flags:0x00000001 Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock net/core/rtnetlink.c:72 [inline] rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2508 rtnetlink_rcv+0x28/0x38 net/core/rtnetlink.c:5647 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline] netlink_unicast+0x664/0x938 net/netlink/af_netlink.c:1356 netlink_sendmsg+0x844/0xb38 net/netlink/af_netlink.c:1924 sock_sendmsg_nosec net/socket.c:704 [inline] __sock_sendmsg net/socket.c:716 [inline] ____sys_sendmsg+0x584/0x870 net/socket.c:2431 ___sys_sendmsg+0x214/0x294 net/socket.c:2485 __sys_sendmsg net/socket.c:2514 [inline] __do_sys_sendmsg net/socket.c:2523 [inline] __se_sys_sendmsg net/socket.c:2521 [inline] __arm64_sys_sendmsg+0x1ac/0x25c net/socket.c:2521 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584 INFO: task syz.0.100:4291 blocked for more than 143 seconds. Not tainted 5.15.161-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.0.100 state:D stack: 0 pid: 4291 ppid: 3974 flags:0x00000009 Call trace: __switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518 context_switch kernel/sched/core.c:5030 [inline] __schedule+0xf10/0x1e48 kernel/sched/core.c:6376 schedule+0x11c/0x1c8 kernel/sched/core.c:6459 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6518 __mutex_lock_common+0xba0/0x2154 kernel/locking/mutex.c:669 __mutex_lock kernel/locking/mutex.c:729 [inline] mutex_lock_nested+0xa4/0xf8 kernel/locking/mutex.c:743 rtnl_lock net/core/rtnetlink.c:72 [inline] rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2508 rtnetlink_rcv+0x28/0x38 net/core/rtnetlink.c:5647 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline] netlink_unicast+0x664/0x938 net/netlink/af_netlink.c:1356 netlink_sendmsg+0x844/0xb38 net/netlink/af_netlink.c:1924 sock_sendmsg_nosec net/socket.c:704 [inline] __sock_sendmsg net/socket.c:716 [inline] ____sys_sendmsg+0x584/0x870 net/socket.c:2431 ___sys_sendmsg+0x214/0x294 net/socket.c:2485 __sys_sendmsg net/socket.c:2514 [inline] __do_sys_sendmsg net/socket.c:2523 [inline] __se_sys_sendmsg net/socket.c:2521 [inline] __arm64_sys_sendmsg+0x1ac/0x25c net/socket.c:2521 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584 Showing all locks held in the system: 3 locks held by kworker/u4:0/9: #0: ffff0000c002a138 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8 kernel/workqueue.c:2283 #1: ffff800018967c00 ((crda_timeout).work){+.+.}-{0:0}, at: process_one_work+0x6ac/0x11b8 kernel/workqueue.c:2285 #2: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 1 lock held by khungtaskd/27: #0: ffff800014b214a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:311 2 locks held by getty/3727: #0: ffff0000d4698098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x40/0x50 drivers/tty/tty_ldsem.c:340 #1: ffff800018e362e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1204 drivers/tty/n_tty.c:2158 3 locks held by kworker/1:4/3979: #0: ffff0000d282c138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8 kernel/workqueue.c:2283 #1: ffff80001c867c00 ((addr_chk_work).work){+.+.}-{0:0}, at: process_one_work+0x6ac/0x11b8 kernel/workqueue.c:2285 #2: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 2 locks held by syz.1.81/4234: 1 lock held by syz.3.79/4236: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 1 lock held by syz.3.79/4241: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 2 locks held by syz.2.88/4256: #0: ffff800016aa3450 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:802 #1: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 3 locks held by kworker/u4:7/4259: #0: ffff0000c002a138 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8 kernel/workqueue.c:2283 #1: ffff80001cdd7c00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x6ac/0x11b8 kernel/workqueue.c:2285 #2: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:72 1 lock held by syz.4.89/4263: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz.0.100/4291: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4294: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4295: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4303: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4305: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4310: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4322: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4325: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4326: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4329: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4335: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4341: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4344: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4345: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4348: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 1 lock held by syz-executor/4354: #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:72 [inline] #0: ffff800016a47328 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0xa2c/0xdac net/core/rtnetlink.c:5626 =============================================