INFO: task khugepaged:37 blocked for more than 143 seconds.
      Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:khugepaged      state:D
 stack:26992 pid:37    tgid:37    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5188 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6529
 __schedule_loop kernel/sched/core.c:6606 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6621
 schedule_timeout+0xb0/0x310 kernel/time/timer.c:2591
 do_wait_for_common kernel/sched/completion.c:95 [inline]
 __wait_for_common kernel/sched/completion.c:116 [inline]
 wait_for_common kernel/sched/completion.c:127 [inline]
 wait_for_completion+0x355/0x620 kernel/sched/completion.c:148
 __flush_work+0xab1/0xd00 kernel/workqueue.c:4216
 __lru_add_drain_all+0x4f6/0x560 mm/swap.c:920
 khugepaged_do_scan mm/khugepaged.c:2501 [inline]
 khugepaged+0x1bb/0x1db0 mm/khugepaged.c:2570
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
7 locks held by kworker/0:0/8:
4 locks held by kworker/0:1/9:
1 lock held by khungtaskd/30:
 #0: ffffffff8e938a60 (rcu_read_lock){....}-{1:2}
, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline]
, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6701
1 lock held by khugepaged/37:
 #0: 
ffffffff8e9f28a8
 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x560 mm/swap.c:875
2 locks held by kworker/0:2/941:
1 lock held by dhcpcd/4897:
 #0: ffff88804966ca08 (&sb->s_type->i_mutex_key
#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:815 [inline]
#10){+.+.}-{3:3}, at: __sock_release net/socket.c:658 [inline]
#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 net/socket.c:1427
2 locks held by getty/4983:
 #0: ffff8880302e70a0 (&tty->ldisc_sem
){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 drivers/tty/n_tty.c:2211
3 locks held by kworker/0:4/5278:
3 locks held by kworker/1:6/5279:
 #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3206 [inline]
 #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312
 #1: 
ffffc90003eafd00
 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3207 [inline]
 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3312
 #2: 
ffffffff8fcc2948
 (
rtnl_mutex
){+.+.}-{3:3}
, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
2 locks held by kworker/0:6/7835:
2 locks held by kworker/0:7/7836:
5 locks held by kworker/u8:1/9355:
 #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3206 [inline]
 #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312
 #1: ffffc90002f07d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3207 [inline]
 #1: ffffc90002f07d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3312
 #2: 
ffffffff8fcb5e50
 (pernet_ops_rwsem){++++}-{3:3}
, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:580
 #3: ffffffff8fcc2948 (rtnl_mutex){+.+.}-{3:3}
, at: cleanup_net+0x6af/0xcc0 net/core/net_namespace.c:616
 #4: ffffffff8e7d28d0 (cpu_hotplug_lock){++++}-{0:0}, at: flush_all_backlogs net/core/dev.c:6021 [inline]
 #4: ffffffff8e7d28d0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 net/core/dev.c:11380
4 locks held by udevd/21015:
 #0: 
ffff888031575668 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb4/0xd70 fs/seq_file.c:182
 #1: ffff888028bf3488 (&of->mutex#2){+.+.}-{3:3}
, at: kernfs_seq_start+0x53/0x3b0 fs/kernfs/file.c:154
 #2: ffff88806526d968 (kn->active#18){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 fs/kernfs/file.c:155
 #3: ffff88805ee6b190 (
&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:1014 [inline]
&dev->mutex){....}-{3:3}, at: manufacturer_show+0x26/0xa0 drivers/usb/core/sysfs.c:142
1 lock held by syz-executor/21561:
 #0: ffffffff8fcb5e50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 net/core/net_namespace.c:490
3 locks held by syz-executor/21562:
 #0: 
ffff88807dcfcd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close net/bluetooth/hci_core.c:481 [inline]
ffff88807dcfcd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 net/bluetooth/hci_core.c:2698
 #1: ffff88807dcfc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 net/bluetooth/hci_sync.c:5183
 #2: ffffffff90027b88
 (
uevent_sock_mutex){+.+.}-{3:3}, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
3 locks held by syz-executor/21563:
 #0: 
ffff888055468d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close net/bluetooth/hci_core.c:481 [inline]
ffff888055468d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 net/bluetooth/hci_core.c:2698
 #1: ffff888055468078 (&hdev->lock
){+.+.}-{3:3}
, at: hci_dev_close_sync+0x572/0x11a0 net/bluetooth/hci_sync.c:5183
 #2: ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
 #2: ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
3 locks held by syz-executor/21566:
 #0: ffff88804a7ecd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close net/bluetooth/hci_core.c:481 [inline]
 #0: ffff88804a7ecd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510 net/bluetooth/hci_core.c:2698
 #1: ffff88804a7ec078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0 net/bluetooth/hci_sync.c:5183
 #2: 
ffffffff90027b88
 (
uevent_sock_mutex
){+.+.}-{3:3}
, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
1 lock held by syz-executor/21569:
 #0: 
ffffffff8fcc2948
 (
rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6643
1 lock held by syz-executor/21572:
 #0: 
ffffffff8fcc2948 (rtnl_mutex){+.+.}-{3:3}
, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6643
3 locks held by kworker/u8:3/21573:
 #0: ffff88801ac89148 (
(wq_completion)events_unbound
){+.+.}-{0:0}
, at: process_one_work kernel/workqueue.c:3206 [inline]
, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3312
 #1: ffffc9000334fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3207 [inline]
 #1: ffffc9000334fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3312
 #2: ffffffff8fcc2948 (rtnl_mutex){+.+.}-{3:3}
, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:276
1 lock held by syz-executor/21576:
 #0: ffffffff8fcc2948 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline]
 #0: ffffffff8fcc2948 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6643
1 lock held by syz-executor/21588:
 #0: ffff888059100808 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:815 [inline]
 #0: ffff888059100808 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release net/socket.c:658 [inline]
 #0: ffff888059100808 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 net/socket.c:1427
2 locks held by syz-executor/21591:
 #0: ffff88806a60a918 (
&data->open_mutex
){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0 drivers/bluetooth/hci_vhci.c:469
 #1: ffffffff90027b88
 (uevent_sock_mutex){+.+.}-{3:3}, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
2 locks held by syz-executor/21604:
 #0: ffff88805e45a918
 (
&data->open_mutex
){+.+.}-{3:3}
, at: vhci_create_device+0x34/0x6a0 drivers/bluetooth/hci_vhci.c:469
 #1: 
ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
2 locks held by syz-executor/21605:
 #0: ffff88804752e118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0 drivers/bluetooth/hci_vhci.c:469
 #1: ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
 #1: ffffffff90027b88 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410
2 locks held by syz-executor/21606:
 #0: 
ffff888049fff118
 (
&data->open_mutex
){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6a0 drivers/bluetooth/hci_vhci.c:469
 #1: 
ffffffff90027b88 (uevent_sock_mutex
){+.+.}-{3:3}
, at: uevent_net_broadcast_untagged lib/kobject_uevent.c:317 [inline]
, at: kobject_uevent_net_broadcast+0x280/0x580 lib/kobject_uevent.c:410

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:93 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119
 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
 watchdog+0xff4/0x1040 kernel/hung_task.c:379
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-syzkaller-04557-g2f27fce67173 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker
RIP: 0010:io_serial_in+0x76/0xb0 drivers/tty/serial/8250/8250_port.c:406
Code: 00 5b 50 fc 89 e9 41 d3 e6 48 83 c3 40 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74 08 48 89 df e8 e1 9f b7 fc 44 03 33 44 89 f2 ec <0f> b6 c0 5b 41 5e 41 5f 5d c3 cc cc cc cc 89 e9 80 e1 07 38 c1 7c
RSP: 0018:ffffc900000062b8 EFLAGS: 00000002
RAX: 1ffffffff34da100 RBX: ffffffff9a6d0da0 RCX: 0000000000000000
RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000020
RBP: 0000000000000000 R08: ffffffff85437e46 R09: 1ffff11004ac5046
R10: dffffc0000000000 R11: ffffffff85437e00 R12: dffffc0000000000
R13: ffffffff9a3cdf70 R14: 00000000000003fd R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c396158 CR3: 00000000472a2000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 serial_in drivers/tty/serial/8250/8250.h:137 [inline]
 serial_lsr_in drivers/tty/serial/8250/8250.h:159 [inline]
 wait_for_lsr drivers/tty/serial/8250/8250_port.c:2068 [inline]
 serial8250_console_fifo_write drivers/tty/serial/8250/8250_port.c:3315 [inline]
 serial8250_console_write+0x1373/0x1ed0 drivers/tty/serial/8250/8250_port.c:3393
 console_emit_next_record kernel/printk/printk.c:3092 [inline]
 console_flush_all+0x869/0xeb0 kernel/printk/printk.c:3180
 __console_flush_and_unlock kernel/printk/printk.c:3239 [inline]
 console_unlock+0x14f/0x3b0 kernel/printk/printk.c:3279
 vprintk_emit+0x730/0xa10 kernel/printk/printk.c:2407
 dev_vprintk_emit+0x2ae/0x330 drivers/base/core.c:4912
 dev_printk_emit+0xdd/0x120 drivers/base/core.c:4923
 _dev_warn+0x122/0x170 drivers/base/core.c:4979
 usb_rx_callback_intf0+0x15a/0x1a0 drivers/media/rc/imon.c:1768
 __usb_hcd_giveback_urb+0x42c/0x6e0 drivers/usb/core/hcd.c:1650
 dummy_timer+0x830/0x45a0 drivers/usb/gadget/udc/dummy_hcd.c:1987
 __run_hrtimer kernel/time/hrtimer.c:1691 [inline]
 __hrtimer_run_queues+0x59b/0xd50 kernel/time/hrtimer.c:1755
 hrtimer_interrupt+0x396/0x990 kernel/time/hrtimer.c:1817
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1026 [inline]
 __sysvec_apic_timer_interrupt+0x110/0x3f0 arch/x86/kernel/apic/apic.c:1043
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
 sysvec_apic_timer_interrupt+0x52/0xc0 arch/x86/kernel/apic/apic.c:1037
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:queue_work_on+0x269/0x380 kernel/workqueue.c:2397
Code: 75 19 e8 aa e5 36 00 eb 18 e8 a3 e5 36 00 e8 5e 63 60 0a 48 83 7c 24 10 00 74 e7 e8 91 e5 36 00 fb 48 c7 44 24 20 0e 36 e0 45 <4b> c7 04 37 00 00 00 00 43 c7 44 37 09 00 00 00 00 66 43 c7 44 37
RSP: 0018:ffffc90000007340 EFLAGS: 00000246
RAX: ffffffff815cf3bf RBX: 0000000000000000 RCX: ffff88801ced0000
RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90000007438 R08: ffffffff815cf38f R09: 1ffffffff2846d26
R10: dffffc0000000000 R11: fffffbfff2846d27 R12: 0000000002000001
R13: 0000000000000046 R14: 1ffff92000000e6c R15: dffffc0000000000
 __ieee80211_queue_skb_to_iface net/mac80211/rx.c:233 [inline]
 ieee80211_queue_skb_to_iface net/mac80211/rx.c:244 [inline]
 ieee80211_rx_h_mgmt+0x50f/0x710 net/mac80211/rx.c:4050
 ieee80211_rx_handlers+0x67fc/0xb830 net/mac80211/rx.c:4208
 ieee80211_invoke_rx_handlers net/mac80211/rx.c:4238 [inline]
 ieee80211_prepare_and_rx_handle+0x31ab/0x6360 net/mac80211/rx.c:5086
 __ieee80211_rx_handle_packet net/mac80211/rx.c:5327 [inline]
 ieee80211_rx_list+0x2ce0/0x3780 net/mac80211/rx.c:5462
 ieee80211_rx_napi+0x18a/0x3c0 net/mac80211/rx.c:5485
 ieee80211_rx include/net/mac80211.h:5138 [inline]
 ieee80211_handle_queued_frames+0xe7/0x1e0 net/mac80211/main.c:439
 tasklet_action_common+0x321/0x4d0 kernel/softirq.c:784
 handle_softirqs+0x2c5/0x980 kernel/softirq.c:554
 do_softirq+0x11b/0x1e0 kernel/softirq.c:455
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382
 spin_unlock_bh include/linux/spinlock.h:396 [inline]
 ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]
 wg_packet_decrypt_worker+0xcde/0xd80 drivers/net/wireguard/receive.c:499
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312
 worker_thread+0x870/0xd30 kernel/workqueue.c:3393
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored
imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored