INFO: task kworker/0:2:974 blocked for more than 143 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:2 state:D stack:22616 pid:974 tgid:974 ppid:2 task_flags:0x4208060 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:116
devtmpfs_submit_req+0xa8/0x100 drivers/base/devtmpfs.c:122
devtmpfs_create_node+0x18a/0x230 drivers/base/devtmpfs.c:153
device_add+0x10bd/0x1a70 drivers/base/core.c:3640
usb_new_device+0xd07/0x1a20 drivers/usb/core/hub.c:2663
hub_port_connect drivers/usb/core/hub.c:5531 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
port_event drivers/usb/core/hub.c:5831 [inline]
hub_event+0x2eb7/0x4fa0 drivers/usb/core/hub.c:5913
process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
process_scheduled_works kernel/workqueue.c:3319 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
kthread+0x3c2/0x780 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INFO: task kworker/1:3:5824 blocked for more than 143 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:3 state:D stack:25808 pid:5824 tgid:5824 ppid:2 task_flags:0x4288060 flags:0x00004000
Workqueue: usb_hub_wq hub_event
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:116
devtmpfs_submit_req+0xa8/0x100 drivers/base/devtmpfs.c:122
devtmpfs_delete_node+0xf6/0x160 drivers/base/devtmpfs.c:171
device_del+0x734/0x9f0 drivers/base/core.c:3834
device_unregister+0x1d/0xc0 drivers/base/core.c:3896
device_destroy+0x99/0xe0 drivers/base/core.c:4450
sound_remove_unit+0x13f/0x210 sound/sound_core.c:306
snd_unregister_oss_device+0x133/0x2a0 sound/core/sound_oss.c:178
snd_mixer_oss_notify_handler+0x403/0xa50 sound/core/oss/mixer_oss.c:1337
snd_card_disconnect.part.0+0x37b/0x810 sound/core/init.c:530
snd_card_disconnect+0x1f/0x30 sound/core/init.c:495
usb_audio_disconnect+0x350/0x890 sound/usb/card.c:972
usb_unbind_interface+0x1da/0x9a0 drivers/usb/core/driver.c:458
device_remove drivers/base/dd.c:569 [inline]
device_remove+0x122/0x170 drivers/base/dd.c:561
__device_release_driver drivers/base/dd.c:1273 [inline]
device_release_driver_internal+0x44b/0x620 drivers/base/dd.c:1296
bus_remove_device+0x22f/0x420 drivers/base/bus.c:579
device_del+0x396/0x9f0 drivers/base/core.c:3855
usb_disable_device+0x355/0x7d0 drivers/usb/core/message.c:1418
usb_disconnect+0x2e1/0x920 drivers/usb/core/hub.c:2316
hub_port_connect drivers/usb/core/hub.c:5371 [inline]
hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
port_event drivers/usb/core/hub.c:5831 [inline]
hub_event+0x1c57/0x4fa0 drivers/usb/core/hub.c:5913
process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
process_scheduled_works kernel/workqueue.c:3319 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
kthread+0x3c2/0x780 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INFO: task kworker/1:4:5870 blocked for more than 144 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:4 state:D
stack:22632 pid:5870 tgid:5870 ppid:2 task_flags:0x4288060 flags:0x00004000
Workqueue: md_misc mddev_delayed_delete
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:116
devtmpfs_submit_req+0xa8/0x100 drivers/base/devtmpfs.c:122
devtmpfs_delete_node+0xf6/0x160 drivers/base/devtmpfs.c:171
device_del+0x734/0x9f0 drivers/base/core.c:3834
del_gendisk+0x486/0xc40 block/genhd.c:734
md_kobj_release+0xb2/0x100 drivers/md/md.c:5749
kobject_cleanup lib/kobject.c:689 [inline]
kobject_release lib/kobject.c:720 [inline]
kref_put include/linux/kref.h:65 [inline]
kobject_put+0x1e4/0x5a0 lib/kobject.c:737
process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
process_scheduled_works kernel/workqueue.c:3319 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
kthread+0x3c2/0x780 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INFO: task syz-executor:7828 blocked for more than 144 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:24360 pid:7828 tgid:7828 ppid:1 task_flags:0x400140 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6917
rwsem_down_write_slowpath+0x524/0x1310 kernel/locking/rwsem.c:1176
__down_write_common kernel/locking/rwsem.c:1304 [inline]
__down_write kernel/locking/rwsem.c:1313 [inline]
down_write_nested+0x1da/0x210 kernel/locking/rwsem.c:1694
inode_lock_nested include/linux/fs.h:902 [inline]
filename_create+0x1bb/0x4a0 fs/namei.c:4132
do_mkdirat+0xaa/0x3e0 fs/namei.c:4384
__do_sys_mkdirat fs/namei.c:4409 [inline]
__se_sys_mkdirat fs/namei.c:4407 [inline]
__x64_sys_mkdirat+0x83/0xb0 fs/namei.c:4407
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe86ed8c9d7
RSP: 002b:00007fff698fdaf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
RAX: ffffffffffffffda RBX: 00007fe86ee110fa RCX: 00007fe86ed8c9d7
RDX: 00000000000001ff RSI: 00007fe86ee110fa RDI: 00000000ffffff9c
RBP: 00007fe86ee11074 R08: 0000000000000000 R09: 00007fe86efb6738
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe86edec1a8
R13: 00007fe86edec180 R14: 0000000000000009 R15: 0000000000000000
INFO: task syz.2.444:8199 blocked for more than 144 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.444 state:D stack:26360 pid:8199 tgid:8198 ppid:5822 task_flags:0x400140 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:95 [inline]
__wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:116
devtmpfs_submit_req+0xa8/0x100 drivers/base/devtmpfs.c:122
devtmpfs_create_node+0x18a/0x230 drivers/base/devtmpfs.c:153
device_add+0x10bd/0x1a70 drivers/base/core.c:3640
cdev_device_add+0xc2/0x1e0 fs/char_dev.c:556
evdev_connect+0x3a4/0x4c0 drivers/input/evdev.c:1383
input_attach_handler.isra.0+0x181/0x260 drivers/input/input.c:993
input_register_device+0xa84/0x1130 drivers/input/input.c:2412
uinput_create_device drivers/input/misc/uinput.c:365 [inline]
uinput_ioctl_handler.isra.0+0x1357/0x1df0 drivers/input/misc/uinput.c:918
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:906 [inline]
__se_sys_ioctl fs/ioctl.c:892 [inline]
__x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fee7278e169
RSP: 002b:00007fee736e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fee729b5fa0 RCX: 00007fee7278e169
RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000004
RBP: 00007fee72810a68 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fee729b5fa0 R15: 00007fff4806c6b8
INFO: task syz.5.469:8286 blocked for more than 144 seconds.
Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.469 state:D stack:27176 pid:8286 tgid:8285 ppid:6351 task_flags:0x400040 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5382 [inline]
__schedule+0x116f/0x5de0 kernel/sched/core.c:6767
__schedule_loop kernel/sched/core.c:6845 [inline]
schedule+0xe7/0x3a0 kernel/sched/core.c:6860
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6917
rwsem_down_read_slowpath+0x62f/0xb60 kernel/locking/rwsem.c:1084
__down_read_common kernel/locking/rwsem.c:1248 [inline]
__down_read kernel/locking/rwsem.c:1261 [inline]
down_read+0xef/0x480 kernel/locking/rwsem.c:1526
inode_lock_shared include/linux/fs.h:877 [inline]
open_last_lookups fs/namei.c:3799 [inline]
path_openat+0x88a/0x2d40 fs/namei.c:4036
do_filp_open+0x20b/0x470 fs/namei.c:4066
do_sys_openat2+0x11b/0x1d0 fs/open.c:1429
do_sys_open fs/open.c:1444 [inline]
__do_sys_openat fs/open.c:1460 [inline]
__se_sys_openat fs/open.c:1455 [inline]
__x64_sys_openat+0x174/0x210 fs/open.c:1455
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9f0b38cad0
RSP: 002b:00007f9f091f5b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000801 RCX: 00007f9f0b38cad0
RDX: 0000000000000801 RSI: 00007f9f091f5c10 RDI: 00000000ffffff9c
RBP: 00007f9f091f5c10 R08: 0000000000000000 R09: 00232d6332692f76
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f9f0b5b5fa0 R15: 00007ffed590a228
Showing all locks held in the system:
3 locks held by kworker/0:1/10:
#0: ffff88801b479d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc900000f7d18 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x83/0x1170 net/wireless/reg.c:2483
2 locks held by kdevtmpfs/26:
#0: ffff88801c6d8950 (&type->i_mutex_dir_key/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:902 [inline]
#0: ffff88801c6d8950 (&type->i_mutex_dir_key/1){+.+.}-{4:4}, at: __kern_path_locked+0x132/0x2a0 fs/namei.c:2765
#1: ffffffff8eef43a8 (major_names_lock){+.+.}-{4:4}, at: blk_probe_dev+0x25/0x1a0 block/genhd.c:820
1 lock held by khungtaskd/31:
#0: ffffffff8e3bf5c0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
#0: ffffffff8e3bf5c0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
#0: ffffffff8e3bf5c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 kernel/locking/lockdep.c:6764
3 locks held by kworker/u8:2/36:
#0: ffff88801b481148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc90000ad7d18 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 net/core/link_watch.c:303
3 locks held by kworker/0:2/974:
#0: ffff88801f282d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc900038e7d18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffff888029227198 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#2: ffff888029227198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fa0 drivers/usb/core/hub.c:5859
2 locks held by kworker/u8:8/3564:
2 locks held by getty/5590:
#0: ffff888036b7a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc9000332e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 drivers/tty/n_tty.c:2222
7 locks held by kworker/1:3/5824:
#0: ffff88801f282d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc90003027d18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffff8881457df198 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#2: ffff8881457df198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fa0 drivers/usb/core/hub.c:5859
#3: ffff888024efb198 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#3: ffff888024efb198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0x10a/0x920 drivers/usb/core/hub.c:2307
#4: ffff88805ff12160 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
#4: ffff88805ff12160 (&dev->mutex){....}-{4:4}, at: __device_driver_lock drivers/base/dd.c:1095 [inline]
#4: ffff88805ff12160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620 drivers/base/dd.c:1293
#5: ffffffff900667c8 (register_mutex#7){+.+.}-{4:4}, at: usb_audio_disconnect+0xe9/0x890 sound/usb/card.c:961
#6: ffffffff8ffdb808 (sound_oss_mutex){+.+.}-{4:4}, at: class_mutex_constructor include/linux/mutex.h:201 [inline]
#6: ffffffff8ffdb808 (sound_oss_mutex){+.+.}-{4:4}, at: snd_unregister_oss_device+0x96/0x2a0 sound/core/sound_oss.c:156
2 locks held by kworker/1:4/5870:
#0: ffff88801f283948 ((wq_completion)md_misc){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc900044afd18 ((work_completion)(&mddev->del_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
3 locks held by kworker/0:6/5948:
#0: ffff88801b478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc90001587d18 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
3 locks held by kworker/u8:10/6113:
#0: ffff88814d029948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
#1: ffffc9000b72fd18 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
#2: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#2: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30 net/ipv6/addrconf.c:4735
2 locks held by syz-executor/7828:
#0: ffff88814128e420 (sb_writers){.+.+}-{0:0}, at: filename_create+0x10e/0x4a0 fs/namei.c:4125
#1: ffff88801c6d8950 (&type->i_mutex_dir_key/1){+.+.}-{4:4}, at: inode_lock_nested include/linux/fs.h:902 [inline]
#1: ffff88801c6d8950 (&type->i_mutex_dir_key/1){+.+.}-{4:4}, at: filename_create+0x1bb/0x4a0 fs/namei.c:4132
2 locks held by syz.2.444/8199:
#0: ffff888060626870 (&newdev->mutex){+.+.}-{4:4}, at: uinput_ioctl_handler.isra.0+0xcb/0x1df0 drivers/input/misc/uinput.c:899
#1: ffffffff8f965128 (input_mutex){+.+.}-{4:4}, at: class_mutex_intr_constructor include/linux/mutex.h:203 [inline]
#1: ffffffff8f965128 (input_mutex){+.+.}-{4:4}, at: input_register_device+0x98a/0x1130 drivers/input/input.c:2408
2 locks held by syz.5.469/8286:
#0: ffff88814128e420 (sb_writers){.+.+}-{0:0}, at: open_last_lookups fs/namei.c:3789 [inline]
#0: ffff88814128e420 (sb_writers){.+.+}-{0:0}, at: path_openat+0x1f3e/0x2d40 fs/namei.c:4036
#1: ffff88801c6d8950 (&type->i_mutex_dir_key#2){++++}-{4:4}, at: inode_lock_shared include/linux/fs.h:877 [inline]
#1: ffff88801c6d8950 (&type->i_mutex_dir_key#2){++++}-{4:4}, at: open_last_lookups fs/namei.c:3799 [inline]
#1: ffff88801c6d8950 (&type->i_mutex_dir_key#2){++++}-{4:4}, at: path_openat+0x88a/0x2d40 fs/namei.c:4036
2 locks held by syz-executor/8358:
#0: ffffffff90868640 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:161 [inline]
#0: ffffffff90868640 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:253 [inline]
#0: ffffffff90868640 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x113/0x2c0 net/core/rtnetlink.c:574
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000 net/core/rtnetlink.c:4064
1 lock held by syz.3.492/8376:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: ip6_mroute_setsockopt+0x483/0x20d0 net/ipv6/ip6mr.c:1757
1 lock held by syz.3.492/8377:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: ip6_mroute_setsockopt+0x483/0x20d0 net/ipv6/ip6mr.c:1757
1 lock held by syz.3.492/8383:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: ip6mr_sk_init net/ipv6/ip6mr.c:1599 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: ip6_mroute_setsockopt+0x113a/0x20d0 net/ipv6/ip6mr.c:1713
2 locks held by syz.1.494/8386:
#0: ffffffff90886040 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:161 [inline]
#0: ffffffff90886040 (&ops->srcu#2){.+.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:253 [inline]
#0: ffffffff90886040 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x113/0x2c0 net/core/rtnetlink.c:574
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:80 [inline]
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:341 [inline]
#1: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000 net/core/rtnetlink.c:4064
1 lock held by syz-executor/8389:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8394:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8398:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8402:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8407:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8411:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8416:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8421:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8424:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8435:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8443:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8449:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
1 lock held by syz-executor/8454:
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_net_lock include/linux/rtnetlink.h:130 [inline]
#0: ffffffff9012aea8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x30c/0x1540 net/ipv4/devinet.c:979
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:274 [inline]
watchdog+0xf70/0x12c0 kernel/hung_task.c:437
kthread+0x3c2/0x780 kernel/kthread.c:464
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:81
Code: 25 5d 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 3a 17 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c6
RAX: 0000000000b9ca9d RBX: 0000000000000000 RCX: ffffffff8b72b419
RDX: 0000000000000000 RSI: ffffffff8dbef846 RDI: ffffffff8bf465c0
RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd
R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8e097740 R14: ffffffff90864910 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff8881249b2000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000056044ee0f038 CR3: 000000000e180000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline]
default_idle+0x13/0x20 arch/x86/kernel/process.c:748
default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117
cpuidle_idle_call kernel/sched/idle.c:185 [inline]
do_idle+0x391/0x510 kernel/sched/idle.c:325
cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:423
rest_init+0x16b/0x2b0 init/main.c:743
start_kernel+0x3e9/0x4d0 init/main.c:1099
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:513
x86_64_start_kernel+0xb0/0xc0 arch/x86/kernel/head64.c:494
common_startup_64+0x13e/0x148