INFO: task kworker/u8:6:2422 blocked for more than 143 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:6 state:D stack:24008 pid:2422 tgid:2422 ppid:2 flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_write_slowpath+0x539/0x12a0 kernel/locking/rwsem.c:1178
__down_write_common kernel/locking/rwsem.c:1306 [inline]
__down_write kernel/locking/rwsem.c:1315 [inline]
down_write+0x1d8/0x200 kernel/locking/rwsem.c:1580
kernfs_remove_by_name_ns+0x87/0x130 fs/kernfs/dir.c:1689
kernfs_remove_by_name include/linux/kernfs.h:625 [inline]
sysfs_unmerge_group+0xe7/0x170 fs/sysfs/group.c:399
dpm_sysfs_remove+0x68/0xb0 drivers/base/power/sysfs.c:833
device_del+0x1a1/0x9f0 drivers/base/core.c:3843
wiphy_unregister+0x2f6/0xc10 net/wireless/core.c:1122
ieee80211_unregister_hw+0x248/0x3a0 net/mac80211/main.c:1692
mac80211_hwsim_del_radio drivers/net/wireless/virtual/mac80211_hwsim.c:5625 [inline]
hwsim_exit_net+0x3ad/0x7d0 drivers/net/wireless/virtual/mac80211_hwsim.c:6505
ops_exit_list+0xb0/0x180 net/core/net_namespace.c:173
cleanup_net+0x5b7/0xbf0 net/core/net_namespace.c:640
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x6c8/0xf20 kernel/workqueue.c:3390
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
INFO: task kworker/u8:10:2489 blocked for more than 143 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:10 state:D stack:23456 pid:2489 tgid:2489 ppid:2 flags:0x00004000
Workqueue: cfg80211 cfg80211_dfs_channels_update_work
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
cfg80211_dfs_channels_update_work+0xd0/0x640 net/wireless/mlme.c:1021
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x6c8/0xf20 kernel/workqueue.c:3390
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
INFO: task udevd:4543 blocked for more than 143 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd state:D stack:24416 pid:4543 tgid:4543 ppid:1 flags:0x00004002
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
__wait_on_freeing_inode+0x13b/0x320 fs/inode.c:2300
find_inode_fast+0x262/0x600 fs/inode.c:957
iget_locked+0x98/0x6c0 fs/inode.c:1320
kernfs_get_inode+0x48/0x460 fs/kernfs/inode.c:251
kernfs_iop_lookup+0x1ec/0x330 fs/kernfs/dir.c:1214
__lookup_slow+0x24f/0x460 fs/namei.c:1718
lookup_slow fs/namei.c:1735 [inline]
walk_component+0x350/0x5b0 fs/namei.c:2039
lookup_last fs/namei.c:2542 [inline]
path_lookupat+0x17f/0x770 fs/namei.c:2566
filename_lookup+0x1e5/0x5b0 fs/namei.c:2595
do_readlinkat+0xcf/0x390 fs/stat.c:537
__do_sys_readlink fs/stat.c:574 [inline]
__se_sys_readlink fs/stat.c:571 [inline]
__x64_sys_readlink+0x78/0xc0 fs/stat.c:571
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd80d5a0d47
RSP: 002b:00007ffd521bd638 EFLAGS: 00000246 ORIG_RAX: 0000000000000059
RAX: ffffffffffffffda RBX: 00007ffd521bd648 RCX: 00007fd80d5a0d47
RDX: 0000000000000400 RSI: 00007ffd521bd648 RDI: 00007ffd521bdb28
RBP: 0000000000000400 R08: 0000558cee5f3974 R09: 0000000000000000
R10: 0000000000000812 R11: 0000000000000246 R12: 00007ffd521bdb28
R13: 00007ffd521bda98 R14: 0000558cee5d82c0 R15: 0000000000000000
INFO: task dhcpcd:4756 blocked for more than 144 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:dhcpcd state:D stack:24512 pid:4756 tgid:4756 ppid:1 flags:0x00000002
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
vlan_ioctl_handler+0xcf/0xa80 net/8021q/vlan.c:553
sock_ioctl+0x4c4/0x6c0 net/socket.c:1305
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl fs/ioctl.c:893 [inline]
__x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f86f46cdd49
RSP: 002b:00007ffd2c2377f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000555c1dfc7d60 RCX: 00007f86f46cdd49
RDX: 00007ffd2c237800 RSI: 0000000000008982 RDI: 0000000000000011
RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
R10: 00007ffd2c247e80 R11: 0000000000000246 R12: 00007ffd2c237800
R13: 00007ffd2c2378c0 R14: 0000555c1dfc7d60 R15: 0000555c1e1c77a0
INFO: task kworker/0:4:5148 blocked for more than 144 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:4 state:D stack:24368 pid:5148 tgid:5148 ppid:2 flags:0x00004000
Workqueue: events linkwatch_event
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
linkwatch_event+0x51/0xc0 net/core/link_watch.c:276
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x6c8/0xf20 kernel/workqueue.c:3390
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
INFO: task syz-executor:8075 blocked for more than 144 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:23648 pid:8075 tgid:8075 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_read_slowpath+0x61e/0xb20 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1250 [inline]
__down_read kernel/locking/rwsem.c:1263 [inline]
down_read+0x124/0x330 kernel/locking/rwsem.c:1528
kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
d_revalidate fs/namei.c:868 [inline]
d_revalidate fs/namei.c:865 [inline]
lookup_fast+0x239/0x540 fs/namei.c:1679
walk_component+0x5b/0x5b0 fs/namei.c:2035
link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2404
link_path_walk fs/namei.c:2336 [inline]
path_openat+0x238/0x2d20 fs/namei.c:3882
do_filp_open+0x1dc/0x430 fs/namei.c:3913
do_sys_openat2+0x17a/0x1e0 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1442
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f34a4d75811
RSP: 002b:00007ffd3b484780 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 000000000000032b RCX: 00007f34a4d75811
RDX: 0000000000090800 RSI: 00007f34a4de3a0a RDI: 00000000ffffff9c
RBP: 00007ffd3b48483c R08: 0000000000000000 R09: 00007f34a5ae8080
R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffd3b4848b0
R13: 0000000000000000 R14: 00000000000d6e1f R15: 00000000000d6ab7
INFO: task kworker/1:1:10104 blocked for more than 145 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1 state:D stack:26016 pid:10104 tgid:10104 ppid:2 flags:0x00004000
Workqueue: events uhid_device_add_worker
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_write_slowpath+0x539/0x12a0 kernel/locking/rwsem.c:1178
__down_write_common kernel/locking/rwsem.c:1306 [inline]
__down_write kernel/locking/rwsem.c:1315 [inline]
down_write+0x1d8/0x200 kernel/locking/rwsem.c:1580
kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
kernfs_create_dir_ns+0xf4/0x150 fs/kernfs/dir.c:1071
sysfs_create_dir_ns+0x13b/0x2b0 fs/sysfs/dir.c:59
create_dir lib/kobject.c:73 [inline]
kobject_add_internal+0x2c8/0x990 lib/kobject.c:240
kobject_add_varg lib/kobject.c:374 [inline]
kobject_add+0x16f/0x240 lib/kobject.c:426
device_add+0x289/0x1a70 drivers/base/core.c:3617
hid_add_device+0x37f/0xa70 drivers/hid/hid-core.c:2857
uhid_device_add_worker+0x3e/0x110 drivers/hid/uhid.c:73
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x6c8/0xf20 kernel/workqueue.c:3390
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
INFO: task syz-executor:10971 blocked for more than 145 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:23472 pid:10971 tgid:10971 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_read_slowpath+0x61e/0xb20 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1250 [inline]
__down_read kernel/locking/rwsem.c:1263 [inline]
down_read+0x124/0x330 kernel/locking/rwsem.c:1528
kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
d_revalidate fs/namei.c:868 [inline]
d_revalidate fs/namei.c:865 [inline]
lookup_fast+0x239/0x540 fs/namei.c:1679
walk_component+0x5b/0x5b0 fs/namei.c:2035
link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2404
link_path_walk fs/namei.c:2336 [inline]
path_openat+0x238/0x2d20 fs/namei.c:3882
do_filp_open+0x1dc/0x430 fs/namei.c:3913
do_sys_openat2+0x17a/0x1e0 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1442
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f436db75811
RSP: 002b:00007ffed2afed50 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00000000000000fb RCX: 00007f436db75811
RDX: 0000000000090800 RSI: 00007f436dbe3a0a RDI: 00000000ffffff9c
RBP: 00007ffed2afee0c R08: 0000000000000000 R09: 00007f436e8be080
R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffed2afee80
R13: 0000000000000000 R14: 00000000000d766e R15: 00000000000d731a
INFO: task syz-executor:11130 blocked for more than 146 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:23792 pid:11130 tgid:11130 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_read_slowpath+0x61e/0xb20 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1250 [inline]
__down_read kernel/locking/rwsem.c:1263 [inline]
down_read+0x124/0x330 kernel/locking/rwsem.c:1528
kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
d_revalidate fs/namei.c:868 [inline]
d_revalidate fs/namei.c:865 [inline]
lookup_fast+0x239/0x540 fs/namei.c:1679
walk_component+0x5b/0x5b0 fs/namei.c:2035
link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2404
link_path_walk fs/namei.c:2336 [inline]
path_openat+0x238/0x2d20 fs/namei.c:3882
do_filp_open+0x1dc/0x430 fs/namei.c:3913
do_sys_openat2+0x17a/0x1e0 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1442
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f38eeb75811
RSP: 002b:00007ffe936f1b60 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00000000000000f9 RCX: 00007f38eeb75811
RDX: 0000000000090800 RSI: 00007f38eebe3a0a RDI: 00000000ffffff9c
RBP: 00007ffe936f1c1c R08: 0000000000000000 R09: 00007f38ef8b9080
R10: 0000000000000000 R11: 0000000000000287 R12: 00007ffe936f1c90
R13: 0000000000000000 R14: 00000000000d773a R15: 00000000000d73ec
INFO: task syz-executor:12428 blocked for more than 146 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:23664 pid:12428 tgid:12428 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_read_slowpath+0x61e/0xb20 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1250 [inline]
__down_read kernel/locking/rwsem.c:1263 [inline]
down_read+0x124/0x330 kernel/locking/rwsem.c:1528
kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
d_revalidate fs/namei.c:868 [inline]
d_revalidate fs/namei.c:865 [inline]
lookup_fast+0x239/0x540 fs/namei.c:1679
walk_component+0x5b/0x5b0 fs/namei.c:2035
link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2404
link_path_walk fs/namei.c:2336 [inline]
path_openat+0x238/0x2d20 fs/namei.c:3882
do_filp_open+0x1dc/0x430 fs/namei.c:3913
do_sys_openat2+0x17a/0x1e0 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1442
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1235175811
RSP: 002b:00007fff1e020d20 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 000000000000001a RCX: 00007f1235175811
RDX: 0000000000090800 RSI: 00007f12351e3a0a RDI: 00000000ffffff9c
RBP: 00007fff1e020ddc R08: 0000000000000000 R09: 00007f1235f7b080
R10: 0000000000000000 R11: 0000000000000287 R12: 00007fff1e020e50
R13: 0000000000000000 R14: 00000000000d758a R15: 00000000000d7224
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz-executor:12802 blocked for more than 146 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:25136 pid:12802 tgid:12802 ppid:1 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
rtnl_lock net/core/rtnetlink.c:79 [inline]
rtnetlink_rcv_msg+0x372/0xea0 net/core/rtnetlink.c:6644
netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
netlink_unicast+0x544/0x830 net/netlink/af_netlink.c:1357
netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg net/socket.c:745 [inline]
__sys_sendto+0x47f/0x4e0 net/socket.c:2204
__do_sys_sendto net/socket.c:2216 [inline]
__se_sys_sendto net/socket.c:2212 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2212
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5a2fd77cac
RSP: 002b:00007fff11b49880 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f5a30a34620 RCX: 00007f5a2fd77cac
RDX: 0000000000000028 RSI: 00007f5a30a34670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007fff11b498d4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f5a30a34670 R15: 0000000000000000
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.3.1494:12918 blocked for more than 147 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.1494 state:D stack:27168 pid:12918 tgid:12918 ppid:8075 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
raw_release+0x1c6/0xae0 net/can/raw.c:415
__sock_release+0xb0/0x270 net/socket.c:659
sock_close+0x1c/0x30 net/socket.c:1421
__fput+0x408/0xbb0 fs/file_table.c:422
task_work_run+0x14e/0x250 kernel/task_work.c:222
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x27b/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f34a4d75f19
RSP: 002b:00007ffd3b4845c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f34a4f07a60 RCX: 00007f34a4d75f19
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f34a4f07a60 R08: 0000000000000006 R09: 0000001d3b4848ef
R10: 00000000003fe0b0 R11: 0000000000000246 R12: 00000000000d6e0c
R13: 0000000000000032 R14: 00007f34a4f07a60 R15: 00007f34a4f06110
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.1.1500:12941 blocked for more than 147 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1500 state:D stack:27168 pid:12941 tgid:12941 ppid:12428 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_timeout+0x258/0x2a0 kernel/time/timer.c:2557
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x3de/0x5f0 kernel/sched/completion.c:116
__flush_work+0x5bd/0xc60 kernel/workqueue.c:4208
__cancel_work_sync+0x10c/0x130 kernel/workqueue.c:4328
uhid_dev_destroy drivers/hid/uhid.c:584 [inline]
uhid_char_release+0xca/0x210 drivers/hid/uhid.c:662
__fput+0x408/0xbb0 fs/file_table.c:422
task_work_run+0x14e/0x250 kernel/task_work.c:222
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x27b/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1235175f19
RSP: 002b:00007fff1e020b68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f1235307a60 RCX: 00007f1235175f19
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f1235307a60 R08: 0000000000000006 R09: 0000001b1e020e8f
R10: 00000000005dce88 R11: 0000000000000246 R12: 00000000000d7588
R13: 0000000000000032 R14: 00007f1235307a60 R15: 00007fff1e020c50
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.2.1502:12950 blocked for more than 147 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.1502 state:D stack:27856 pid:12950 tgid:12949 ppid:10971 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_write_slowpath+0x539/0x12a0 kernel/locking/rwsem.c:1178
__down_write_common kernel/locking/rwsem.c:1306 [inline]
__down_write kernel/locking/rwsem.c:1315 [inline]
down_write+0x1d8/0x200 kernel/locking/rwsem.c:1580
kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
kernfs_create_dir_ns+0xf4/0x150 fs/kernfs/dir.c:1071
sysfs_create_dir_ns+0x13b/0x2b0 fs/sysfs/dir.c:59
create_dir lib/kobject.c:73 [inline]
kobject_add_internal+0x2c8/0x990 lib/kobject.c:240
kobject_add_varg lib/kobject.c:374 [inline]
kobject_add+0x16f/0x240 lib/kobject.c:426
device_add+0x289/0x1a70 drivers/base/core.c:3617
device_create_groups_vargs+0x1f8/0x270 drivers/base/core.c:4371
device_create+0xe9/0x130 drivers/base/core.c:4410
bdi_register_va+0x116/0x820 mm/backing-dev.c:1094
super_setup_bdi_name+0x100/0x250 fs/super.c:1848
fuse_bdi_init fs/fuse/inode.c:1449 [inline]
fuse_fill_super_common+0x5e6/0x1040 fs/fuse/inode.c:1724
fuse_fill_super+0x201/0x2e0 fs/fuse/inode.c:1800
vfs_get_super fs/super.c:1269 [inline]
get_tree_nodev+0xda/0x190 fs/super.c:1288
fuse_get_tree+0x279/0x600 fs/fuse/inode.c:1875
vfs_get_tree+0x8f/0x380 fs/super.c:1789
do_new_mount fs/namespace.c:3472 [inline]
path_mount+0x14e6/0x1f20 fs/namespace.c:3799
do_mount fs/namespace.c:3812 [inline]
__do_sys_mount fs/namespace.c:4020 [inline]
__se_sys_mount fs/namespace.c:3997 [inline]
__x64_sys_mount+0x294/0x320 fs/namespace.c:3997
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f436db75f19
RSP: 002b:00007f436e8bd048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f436dd05f60 RCX: 00007f436db75f19
RDX: 0000000020002100 RSI: 00000000200020c0 RDI: 0000000000000000
RBP: 00007f436dbe4e68 R08: 0000000020002140 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f436dd05f60 R15: 00007ffed2afeab8
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.0.1503:12954 blocked for more than 148 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1503 state:D stack:27248 pid:12954 tgid:12953 ppid:11130 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
__tun_chr_ioctl+0x4fc/0x4770 drivers/net/tun.c:3117
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl fs/ioctl.c:893 [inline]
__x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f38eeb75f19
RSP: 002b:00007f38ef8b8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f38eed05f60 RCX: 00007f38eeb75f19
RDX: 0000000020000000 RSI: 00000000400454ca RDI: 0000000000000008
RBP: 00007f38eebe4e68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f38eed05f60 R15: 00007ffe936f18c8
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.0.1503:12955 blocked for more than 148 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1503 state:D stack:29056 pid:12955 tgid:12953 ppid:11130 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
__tun_chr_ioctl+0x62d/0x4770 drivers/net/tun.c:3117
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl fs/ioctl.c:893 [inline]
__x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f38eeb75f19
RSP: 002b:00007f38ef897048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f38eed06038 RCX: 00007f38eeb75f19
RDX: 0000000020000040 RSI: 00000000401054d5 RDI: 0000000000000008
RBP: 00007f38eebe4e68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f38eed06038 R15: 00007ffe936f18c8
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz.0.1503:12956 blocked for more than 148 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1503 state:D stack:26992 pid:12956 tgid:12953 ppid:11130 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
do_ipv6_setsockopt+0x2162/0x47b0 net/ipv6/ipv6_sockglue.c:566
ipv6_setsockopt+0xe3/0x1a0 net/ipv6/ipv6_sockglue.c:993
tcp_setsockopt+0xa4/0x100 net/ipv4/tcp.c:3768
do_sock_setsockopt+0x222/0x480 net/socket.c:2324
__sys_setsockopt+0x1a4/0x270 net/socket.c:2347
__do_sys_setsockopt net/socket.c:2356 [inline]
__se_sys_setsockopt net/socket.c:2353 [inline]
__x64_sys_setsockopt+0xbd/0x160 net/socket.c:2353
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f38eeb75f19
RSP: 002b:00007f38ef876048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f38eed06110 RCX: 00007f38eeb75f19
RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000003
RBP: 00007f38eebe4e68 R08: 0000000000000013 R09: 0000000000000000
R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f38eed06110 R15: 00007ffe936f18c8
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task syz-executor:12958 blocked for more than 149 seconds.
Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:27408 pid:12958 tgid:12958 ppid:5080 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xe37/0x5490 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6621
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6678
rwsem_down_read_slowpath+0x61e/0xb20 kernel/locking/rwsem.c:1086
__down_read_common kernel/locking/rwsem.c:1250 [inline]
__down_read kernel/locking/rwsem.c:1263 [inline]
down_read+0x124/0x330 kernel/locking/rwsem.c:1528
kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
d_revalidate fs/namei.c:868 [inline]
d_revalidate fs/namei.c:865 [inline]
lookup_fast+0x239/0x540 fs/namei.c:1679
walk_component+0x5b/0x5b0 fs/namei.c:2035
link_path_walk.part.0.constprop.0+0x669/0xd40 fs/namei.c:2404
link_path_walk fs/namei.c:2336 [inline]
path_openat+0x238/0x2d20 fs/namei.c:3882
do_filp_open+0x1dc/0x430 fs/namei.c:3913
do_sys_openat2+0x17a/0x1e0 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1442
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4c663748d1
RSP: 002b:00007fff48321880 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f4c663748d1
RDX: 0000000000000002 RSI: 00007f4c663e3b5f RDI: 00000000ffffff9c
RBP: 00007f4c663e3b5f R08: 0000000000000000 R09: 00007fff48321bc8
R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
Showing all locks held in the system:
3 locks held by kworker/u8:1/12:
#0: ffff88802a003148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc90000117d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4734
3 locks held by kworker/1:0/25:
#0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc900001f7d80 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
1 lock held by khungtaskd/30:
#0: ffffffff8dbb5220 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
#0: ffffffff8dbb5220 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#0: ffffffff8dbb5220 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 kernel/locking/lockdep.c:6620
6 locks held by kworker/u8:6/2422:
#0: ffff8880162db148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc9000910fd80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f75ca90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0 net/core/net_namespace.c:594
#3: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: wiphy_unregister+0x13e/0xc10 net/wireless/core.c:1100
#4: ffff888066560768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: wiphy_lock include/net/cfg80211.h:6014 [inline]
#4: ffff888066560768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: wiphy_unregister+0x148/0xc10 net/wireless/core.c:1101
#5: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_remove_by_name_ns+0x87/0x130 fs/kernfs/dir.c:1689
3 locks held by kworker/u8:7/2431:
#0: ffff8880b923ee18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:568 [inline]
#0: ffff8880b923ee18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 kernel/sched/core.c:553
#1: ffff8880b9328a48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2d9/0x900 kernel/sched/psi.c:989
#2: ffff8880b932a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 kernel/time/timer.c:1051
3 locks held by kworker/u8:10/2489:
#0: ffff888017779148 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc900091cfd80 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: cfg80211_dfs_channels_update_work+0xd0/0x640 net/wireless/mlme.c:1021
2 locks held by udevd/4543:
#0: ffff88807e648650 (&type->i_mutex_dir_key#4){++++}-{3:3}, at: inode_lock_shared include/linux/fs.h:809 [inline]
#0: ffff88807e648650 (&type->i_mutex_dir_key#4){++++}-{3:3}, at: lookup_slow fs/namei.c:1734 [inline]
#0: ffff88807e648650 (&type->i_mutex_dir_key#4){++++}-{3:3}, at: walk_component+0x342/0x5b0 fs/namei.c:2039
#1: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_lookup+0xa3/0x330 fs/kernfs/dir.c:1200
2 locks held by dhcpcd/4756:
#0: ffffffff8f747fe8 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x4a8/0x6c0 net/socket.c:1303
#1: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0xcf/0xa80 net/8021q/vlan.c:553
2 locks held by getty/4845:
#0: ffff88802abd70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc9000311b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 drivers/tty/n_tty.c:2211
4 locks held by kworker/1:3/5098:
#0: ffff8880b923ee18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:568 [inline]
#0: ffff8880b923ee18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 kernel/sched/core.c:553
#1: ffff8880b9328a48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2d9/0x900 kernel/sched/psi.c:989
#2: ffff8880b932a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 kernel/time/timer.c:1051
#3: ffffffff94d76218 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x199/0x540 lib/debugobjects.c:709
5 locks held by kworker/u9:4/5106:
#0: ffff88802290d948 ((wq_completion)hci0){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc900035e7d80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffff8880783acd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x170/0x410 net/bluetooth/hci_sync.c:327
#3: ffff8880783ac078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x150/0xb50 net/bluetooth/hci_sync.c:5491
#4: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_find_and_get_ns+0x71/0xc0 fs/kernfs/dir.c:918
3 locks held by kworker/1:4/5147:
#0: ffff888015481948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc90003b9fd80 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x84/0x1140 net/wireless/reg.c:2480
3 locks held by kworker/0:4/5148:
#0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc900031f7d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0x51/0xc0 net/core/link_watch.c:276
2 locks held by kworker/u8:11/7151:
1 lock held by syz-executor/8075:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
5 locks held by kworker/u9:1/9095:
#0: ffff88805ef48148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc90003b07d80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffff88807dc50d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x170/0x410 net/bluetooth/hci_sync.c:327
#3: ffff88807dc50078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x150/0xb50 net/bluetooth/hci_sync.c:5491
#4: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_find_and_get_ns+0x71/0xc0 fs/kernfs/dir.c:918
3 locks held by kworker/1:1/10104:
#0: ffff888015480948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3206
#1: ffffc900034efd80 ((work_completion)(&uhid->worker)){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3207
#2: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
1 lock held by syz-executor/10971:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/11130:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12428:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12802:
#0: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
#0: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 net/core/rtnetlink.c:6644
2 locks held by syz.3.1494/12918:
#0: ffff888077127408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:799 [inline]
#0: ffff888077127408 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x270 net/socket.c:658
#1: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: raw_release+0x1c6/0xae0 net/can/raw.c:415
2 locks held by syz.2.1502/12950:
#0: ffff88807a59a0e0 (&type->s_umount_key#65/1){+.+.}-{3:3}, at: alloc_super+0x23d/0xbd0 fs/super.c:344
#1: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0xb1/0x520 fs/kernfs/dir.c:778
1 lock held by syz.0.1503/12954:
#0: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x4fc/0x4770 drivers/net/tun.c:3117
1 lock held by syz.0.1503/12955:
#0: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x62d/0x4770 drivers/net/tun.c:3117
1 lock held by syz.0.1503/12956:
#0: ffffffff8f7721e8 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x2162/0x47b0 net/ipv6/ipv6_sockglue.c:566
1 lock held by syz-executor/12958:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12959:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12960:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12961:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
1 lock held by syz-executor/12962:
#0: ffff8880162dc148 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5a0 fs/kernfs/dir.c:1159
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Call Trace:
__dump_stack lib/dump_stack.c:93 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
watchdog+0xf4e/0x1280 kernel/hung_task.c:379
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 2431 Comm: kworker/u8:7 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
Workqueue: bat_events batadv_nc_worker
RIP: 0010:__lock_acquire+0x264/0x3cb0 kernel/locking/lockdep.c:5068
Code: 00 41 0f b7 56 20 8b 74 24 20 81 e2 ff 1f 00 00 39 f2 75 0c 48 83 7c 24 10 00 0f 85 5a 0c 00 00 48 8b 04 24 44 0f b7 74 24 20 <49> 01 c5 49 8d 45 20 66 41 81 e6 ff 1f 48 89 c2 48 89 44 24 30 48
RSP: 0018:ffffc900092bf8e0 EFLAGS: 00000006
RAX: ffff888029bce4e0 RBX: 0000000000000000 RCX: 1ffff11005379ca5
RDX: 00000000000006f3 RSI: 0000000000000021 RDI: ffff888029bce528
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 000000000000000a R11: 0000000000000002 R12: ffffffff8dbb5220
R13: 0000000000000050 R14: 0000000000000021 R15: ffff888029bcda00
FS: 0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f1c9731ffff CR3: 000000000d97c000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
lock_acquire kernel/locking/lockdep.c:5759 [inline]
lock_acquire+0x1b1/0x560 kernel/locking/lockdep.c:5724
rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
rcu_read_lock include/linux/rcupdate.h:838 [inline]
batadv_nc_process_nc_paths.part.0+0xe4/0x3e0 net/batman-adv/network-coding.c:687
batadv_nc_process_nc_paths net/batman-adv/network-coding.c:679 [inline]
batadv_nc_worker+0xd53/0x10f0 net/batman-adv/network-coding.c:728
process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231
process_scheduled_works kernel/workqueue.c:3312 [inline]
worker_thread+0x6c8/0xf20 kernel/workqueue.c:3390
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244