INFO: task kworker/u4:11:4568 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u4:11 state:D stack:0 pid:4568 ppid:2 flags:0x00000008
Workqueue: nfc2_nci_cmd_wq nci_cmd_work
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 virtual_nci_send+0x28/0xe4 drivers/nfc/virtual_ncidev.c:54
 nci_send_frame net/nfc/nci/core.c:1355 [inline]
 nci_cmd_work+0x1a8/0x424 net/nfc/nci/core.c:1589
 process_one_work+0x7ac/0x1404 kernel/workqueue.c:2292
 worker_thread+0x8e4/0xfec kernel/workqueue.c:2439
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:864

INFO: task syz.5.152:5099 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.152 state:D stack:0 pid:5099 ppid:4499 flags:0x00000009
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 device_lock include/linux/device.h:837 [inline]
 nfc_register_device+0xb4/0x310 net/nfc/core.c:1128
 nci_register_device+0x6ac/0x7c4 net/nfc/nci/core.c:1265
 virtual_ncidev_open+0x6c/0xd8 drivers/nfc/virtual_ncidev.c:150
 misc_open+0x2f0/0x368 drivers/char/misc.c:143
 chrdev_open+0x3e8/0x4fc fs/char_dev.c:414
 do_dentry_open+0x734/0xfa0 fs/open.c:882
 vfs_open+0x7c/0x90 fs/open.c:1013
 do_open fs/namei.c:3626 [inline]
 path_openat+0x1e14/0x2548 fs/namei.c:3783
 do_filp_open+0x1bc/0x3cc fs/namei.c:3810
 do_sys_openat2+0x128/0x3e0 fs/open.c:1318
 do_sys_open fs/open.c:1334 [inline]
 __do_sys_openat fs/open.c:1350 [inline]
 __se_sys_openat fs/open.c:1345 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1345
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

INFO: task syz.5.152:5108 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.5.152 state:D stack:0 pid:5108 ppid:4499 flags:0x00000009
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 virtual_nci_close+0x28/0x58 drivers/nfc/virtual_ncidev.c:44
 nci_open_device net/nfc/nci/core.c:544 [inline]
 nci_dev_up+0x754/0xb10 net/nfc/nci/core.c:631
 nfc_dev_up+0x154/0x300 net/nfc/core.c:118
 nfc_genl_dev_up+0x98/0xdc net/nfc/netlink.c:770
 genl_family_rcv_msg_doit net/netlink/genetlink.c:756 [inline]
 genl_family_rcv_msg net/netlink/genetlink.c:833 [inline]
 genl_rcv_msg+0x948/0xc2c net/netlink/genetlink.c:850
 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2493
 genl_rcv+0x38/0x50 net/netlink/genetlink.c:861
 netlink_unicast_kernel net/netlink/af_netlink.c:1311 [inline]
 netlink_unicast+0x65c/0x898 net/netlink/af_netlink.c:1337
 netlink_sendmsg+0x834/0xb18 net/netlink/af_netlink.c:1859
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg net/socket.c:730 [inline]
 ____sys_sendmsg+0x55c/0x848 net/socket.c:2519
 ___sys_sendmsg net/socket.c:2573 [inline]
 __sys_sendmsg+0x26c/0x33c net/socket.c:2602
 __do_sys_sendmsg net/socket.c:2611 [inline]
 __se_sys_sendmsg net/socket.c:2609 [inline]
 __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2609
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

INFO: task syz.4.154:5107 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.4.154 state:D stack:0 pid:5107 ppid:4309 flags:0x00000001
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 genl_lock net/netlink/genetlink.c:33 [inline]
 genl_rcv_msg+0x114/0xc2c net/netlink/genetlink.c:848
 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2493
 genl_rcv+0x38/0x50 net/netlink/genetlink.c:861
 netlink_unicast_kernel net/netlink/af_netlink.c:1311 [inline]
 netlink_unicast+0x65c/0x898 net/netlink/af_netlink.c:1337
 netlink_sendmsg+0x834/0xb18 net/netlink/af_netlink.c:1859
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg net/socket.c:730 [inline]
 __sys_sendto+0x3b8/0x508 net/socket.c:2153
 __do_sys_sendto net/socket.c:2165 [inline]
 __se_sys_sendto net/socket.c:2161 [inline]
 __arm64_sys_sendto+0xd8/0xf8 net/socket.c:2161
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

INFO: task syz.0.167:5147 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.167 state:D stack:0 pid:5147 ppid:4305 flags:0x00000041
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 misc_open+0x6c/0x368 drivers/char/misc.c:107
 chrdev_open+0x3e8/0x4fc fs/char_dev.c:414
 do_dentry_open+0x734/0xfa0 fs/open.c:882
 vfs_open+0x7c/0x90 fs/open.c:1013
 do_open fs/namei.c:3626 [inline]
 path_openat+0x1e14/0x2548 fs/namei.c:3783
 do_filp_open+0x1bc/0x3cc fs/namei.c:3810
 do_sys_openat2+0x128/0x3e0 fs/open.c:1318
 do_sys_open fs/open.c:1334 [inline]
 __do_sys_openat fs/open.c:1350 [inline]
 __se_sys_openat fs/open.c:1345 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1345
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

INFO: task syz.1.172:5162 blocked for more than 143 seconds.
      Not tainted 6.1.124-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.172 state:D stack:0 pid:5162 ppid:4295 flags:0x00000001
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6693
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 misc_open+0x6c/0x368 drivers/char/misc.c:107
 chrdev_open+0x3e8/0x4fc fs/char_dev.c:414
 do_dentry_open+0x734/0xfa0 fs/open.c:882
 vfs_open+0x7c/0x90 fs/open.c:1013
 do_open fs/namei.c:3626 [inline]
 path_openat+0x1e14/0x2548 fs/namei.c:3783
 do_filp_open+0x1bc/0x3cc fs/namei.c:3810
 do_sys_openat2+0x128/0x3e0 fs/open.c:1318
 do_sys_open fs/open.c:1334 [inline]
 __do_sys_openat fs/open.c:1350 [inline]
 __se_sys_openat fs/open.c:1345 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1345
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

Showing all locks held in the system:
2 locks held by kworker/u4:1/11:
 #0: ffff0001b3cf3158 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x44 kernel/sched/core.c:537
 #1: ffff0001b3cdfb88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2e0/0x5e8 kernel/sched/psi.c:987
1 lock held by rcu_tasks_kthre/12:
 #0: ffff800015c65530 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by rcu_tasks_trace/13:
 #0: ffff800015c65d30 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by khungtaskd/28:
 #0: ffff800015c65360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:349
2 locks held by getty/4055:
 #0: ffff0000d66ff098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80001d8402f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 drivers/tty/n_tty.c:2198
3 locks held by kworker/u4:11/4568:
 #0: ffff0000d4f19138 ((wq_completion)nfc2_nci_cmd_wq){+.+.}-{0:0}, at: process_one_work+0x664/0x1404 kernel/workqueue.c:2265
 #1: ffff800022007c20 ((work_completion)(&ndev->cmd_work)){+.+.}-{0:0}, at: process_one_work+0x6a8/0x1404 kernel/workqueue.c:2267
 #2: ffff8000170fe428 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_send+0x28/0xe4 drivers/nfc/virtual_ncidev.c:54
2 locks held by kworker/u4:13/4649:
 #0: ffff0000c0029138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x664/0x1404 kernel/workqueue.c:2265
 #1: ffff800021647c20 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x6a8/0x1404 kernel/workqueue.c:2267
3 locks held by syz.5.152/5099:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
 #1: ffff8000170fe428 (nci_mutex){+.+.}-{3:3}, at: virtual_ncidev_open+0x28/0xd8 drivers/nfc/virtual_ncidev.c:137
 #2: ffff0000d0dc8100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:837 [inline]
 #2: ffff0000d0dc8100 (&dev->mutex){....}-{3:3}, at: nfc_register_device+0xb4/0x310 net/nfc/core.c:1128
5 locks held by syz.5.152/5108:
 #0: ffff80001811f650 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:860
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_lock net/netlink/genetlink.c:33 [inline]
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c net/netlink/genetlink.c:848
 #2: ffff0000d0dc8100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:837 [inline]
 #2: ffff0000d0dc8100 (&dev->mutex){....}-{3:3}, at: nfc_dev_up+0x44/0x300 net/nfc/core.c:95
 #3: ffff0000d6b84350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_open_device net/nfc/nci/core.c:477 [inline]
 #3: ffff0000d6b84350 (&ndev->req_lock){+.+.}-{3:3}, at: nci_dev_up+0xa8/0xb10 net/nfc/nci/core.c:631
 #4: ffff8000170fe428 (nci_mutex){+.+.}-{3:3}, at: virtual_nci_close+0x28/0x58 drivers/nfc/virtual_ncidev.c:44
2 locks held by syz.4.154/5107:
 #0: ffff80001811f650 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:860
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_lock net/netlink/genetlink.c:33 [inline]
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c net/netlink/genetlink.c:848
1 lock held by syz.0.167/5147:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz.1.172/5162:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
2 locks held by syz.3.173/5165:
 #0: ffff80001811f650 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:860
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_lock net/netlink/genetlink.c:33 [inline]
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c net/netlink/genetlink.c:848
2 locks held by syz.3.173/5166:
 #0: ffff80001811f650 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 net/netlink/genetlink.c:860
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_lock net/netlink/genetlink.c:33 [inline]
 #1: ffff80001811f508 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x114/0xc2c net/netlink/genetlink.c:848
1 lock held by syz-executor/5285:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5286:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5289:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5293:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5294:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5304:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5305:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5307:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5310:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5311:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5320:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5321:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5323:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5326:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107
1 lock held by syz-executor/5327:
 #0: ffff800016e9d248 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 drivers/char/misc.c:107

=============================================