INFO: task kworker/1:2:970 blocked for more than 143 seconds.
      Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:2     state:D stack:22112 pid:970   tgid:970   ppid:2      flags:0x00004000
Workqueue: events rfkill_op_handler
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 device_lock include/linux/device.h:1014 [inline]
 nfc_dev_down+0x2d/0x2e0 net/nfc/core.c:143
 nfc_rfkill_set_block+0x39/0xe0 net/nfc/core.c:179
 rfkill_set_block+0x203/0x560 net/rfkill/core.c:346
 rfkill_epo+0x8e/0x1d0 net/rfkill/core.c:466
 __rfkill_handle_global_op net/rfkill/input.c:60 [inline]
 rfkill_op_handler+0x262/0x280 net/rfkill/input.c:108
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3317 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3398
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
INFO: task kworker/1:5:5864 blocked for more than 143 seconds.
      Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:5     state:D stack:21072 pid:5864  tgid:5864  ppid:2      flags:0x00004000
Workqueue: events rfkill_global_led_trigger_worker
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 rfkill_global_led_trigger_worker+0x1b/0x160 net/rfkill/core.c:182
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3317 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3398
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
INFO: task syz.2.814:8006 blocked for more than 143 seconds.
      Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.814       state:D stack:28016 pid:8006  tgid:8006  ppid:5812   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 rfkill_unregister+0xde/0x2c0 net/rfkill/core.c:1145
 nfc_unregister_device+0x94/0x330 net/nfc/core.c:1167
 virtual_ncidev_close+0x4b/0xa0 drivers/nfc/virtual_ncidev.c:172
 __fput+0x3f8/0xb60 fs/file_table.c:450
 task_work_run+0x14e/0x250 kernel/task_work.c:239
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x27b/0x2a0 kernel/entry/common.c:218
 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f2b4c585d29
RSP: 002b:00007ffe55966f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
RAX: 0000000000000000 RBX: 00007f2b4c777ba0 RCX: 00007f2b4c585d29
RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
RBP: 00007f2b4c777ba0 R08: 00000000000000b8 R09: 00007ffe5596726f
R10: 00007f2b4c777ac0 R11: 0000000000000246 R12: 000000000001fb73
R13: 00007f2b4c776080 R14: 0000000000000032 R15: ffffffffffffffff
 </TASK>
INFO: task syz.5.839:8071 blocked for more than 144 seconds.
      Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.839       state:D stack:27424 pid:8071  tgid:8069  ppid:6317   flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6848
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905
 __mutex_lock_common kernel/locking/mutex.c:665 [inline]
 __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735
 rfkill_register+0x3a/0xb40 net/rfkill/core.c:1071
 nfc_register_device+0x11f/0x3c0 net/nfc/core.c:1132
 nci_register_device+0x7f4/0xb80 net/nfc/nci/core.c:1277
 virtual_ncidev_open+0x141/0x220 drivers/nfc/virtual_ncidev.c:157
 misc_open+0x35a/0x420 drivers/char/misc.c:165
 chrdev_open+0x237/0x6a0 fs/char_dev.c:414
 do_dentry_open+0xf59/0x1ea0 fs/open.c:945
 vfs_open+0x82/0x3f0 fs/open.c:1075
 do_open fs/namei.c:3828 [inline]
 path_openat+0x1e6a/0x2d60 fs/namei.c:3987
 do_filp_open+0x20c/0x470 fs/namei.c:4014
 do_sys_openat2+0x17a/0x1e0 fs/open.c:1402
 do_sys_open fs/open.c:1417 [inline]
 __do_sys_openat fs/open.c:1433 [inline]
 __se_sys_openat fs/open.c:1428 [inline]
 __x64_sys_openat+0x175/0x210 fs/open.c:1428
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff080f85d29
RSP: 002b:00007ff081ea0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007ff081175fa0 RCX: 00007ff080f85d29
RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c
RBP: 00007ff081001b08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 00007ff081175fa0 R15: 00007ffed70ca278
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 kernel/locking/lockdep.c:6744
4 locks held by kworker/1:2/970:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211
 #1: ffffc90003a97d80 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212
 #2: ffffffff9036d008 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x55/0x1d0 net/rfkill/core.c:462
 #3: ffff888022b16100 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:1014 [inline]
 #3: ffff888022b16100 (&dev->mutex){....}-{4:4}, at: nfc_dev_down+0x2d/0x2e0 net/nfc/core.c:143
5 locks held by kworker/u8:8/3662:
 #0: ffff8880b863ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 kernel/sched/core.c:598
 #1: ffff8880b8628a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x203/0x8e0 kernel/sched/psi.c:975
 #2: ffff8880b862a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 kernel/time/timer.c:1050
 #3: ffffffff9aa45498 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x149/0x4a0 lib/debugobjects.c:818
 #4: ffffffff9aadad78 (&obj_hash[i].lock){-.-.}-{2:2}, at: __debug_check_no_obj_freed lib/debugobjects.c:1088 [inline]
 #4: ffffffff9aadad78 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x1cf/0x600 lib/debugobjects.c:1129
2 locks held by getty/5570:
 #0: ffff8880321250a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 drivers/tty/n_tty.c:2211
1 lock held by syz-executor/5819:
 #0: ffffffff9036d008 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xde/0x2c0 net/rfkill/core.c:1145
3 locks held by kworker/1:5/5864:
 #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211
 #1: ffffc90002ee7d80 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212
 #2: ffffffff9036d008 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x1b/0x160 net/rfkill/core.c:182
2 locks held by syz.2.814/8006:
 #0: ffff888022b16100 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:1014 [inline]
 #0: ffff888022b16100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x60/0x330 net/nfc/core.c:1165
 #1: ffffffff9036d008 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xde/0x2c0 net/rfkill/core.c:1145
3 locks held by syz.5.839/8071:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
 #1: ffff888034a4d100 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:1014 [inline]
 #1: ffff888034a4d100 (&dev->mutex){....}-{4:4}, at: nfc_register_device+0x9a/0x3c0 net/nfc/core.c:1128
 #2: ffffffff9036d008 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40 net/rfkill/core.c:1071
1 lock held by syz.1.841/8080:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz.4.849/8099:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz.3.851/8104:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8107:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8109:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8111:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8113:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8115:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8117:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8119:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8121:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8123:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8125:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8127:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8129:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8131:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8133:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129
1 lock held by syz-executor/8135:
 #0: ffffffff8eeaaaa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 drivers/char/misc.c:129

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline]
 watchdog+0xf14/0x1240 kernel/hung_task.c:397
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3662 Comm: kworker/u8:8 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Workqueue: bat_events batadv_nc_worker
RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:26 [inline]
RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:87 [inline]
RIP: 0010:lockdep_softirqs_off+0xd8/0x350 kernel/locking/lockdep.c:4568
Code: ff df 48 89 c1 83 e0 07 48 c1 e9 03 83 c0 03 0f b6 14 11 38 d0 7c 08 84 d2 0f 85 19 02 00 00 8b 3d cd dc 0d 19 85 ff 75 0b 9c <58> f6 c4 02 0f 85 79 01 00 00 65 48 8b 1d 16 cd 8c 7e 48 8d bb c0
RSP: 0018:ffffc9000cd37ad0 EFLAGS: 00000046
RAX: 0000000000000003 RBX: ffff8880335c4880 RCX: 1ffffffff3509d14
RDX: 0000000000000004 RSI: 0000000000000201 RDI: 0000000000000000
RBP: ffffffff8af86f5a R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000075 R11: 0000000000000002 R12: ffffffff8af87230
R13: ffff88805e62dd40 R14: ffff88807d470ba8 R15: ffff88807e8c6a80
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055a9679fff70 CR3: 000000000df7e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 00000000dda5b756 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 __local_bh_disable_ip+0x5e/0xd0 kernel/softirq.c:329
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:125 [inline]
 _raw_spin_lock_bh+0x17/0x40 kernel/locking/spinlock.c:178
 spin_lock_bh include/linux/spinlock.h:356 [inline]
 batadv_nc_purge_paths+0xca/0x390 net/batman-adv/network-coding.c:442
 batadv_nc_worker+0x913/0x1060 net/batman-adv/network-coding.c:720
 process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3317 [inline]
 worker_thread+0x6c8/0xf00 kernel/workqueue.c:3398
 kthread+0x2c1/0x3a0 kernel/kthread.c:389
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>