INFO: task syz-executor:3512 blocked for more than 143 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:24328 pid:3512 tgid:3512 ppid:1 task_flags:0x400140 flags:0x00080002 Call Trace: context_switch kernel/sched/core.c:5387 [inline] __schedule+0xf89/0x4840 kernel/sched/core.c:7188 __schedule_loop kernel/sched/core.c:7267 [inline] schedule+0xdd/0x390 kernel/sched/core.c:7282 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7339 rwsem_down_read_slowpath+0x5af/0xb40 kernel/locking/rwsem.c:1114 __down_read_common kernel/locking/rwsem.c:1291 [inline] __down_read kernel/locking/rwsem.c:1304 [inline] down_read+0xed/0x450 kernel/locking/rwsem.c:1570 kernfs_dop_revalidate+0xa5/0x7e0 fs/kernfs/dir.c:1218 d_revalidate fs/namei.c:1030 [inline] d_revalidate fs/namei.c:1026 [inline] lookup_fast+0x3c7/0x600 fs/namei.c:1876 walk_component fs/namei.c:2274 [inline] link_path_walk+0x7a8/0x1b30 fs/namei.c:2652 path_openat+0x1be/0x31a0 fs/namei.c:4854 do_file_open+0x20e/0x430 fs/namei.c:4887 do_sys_openat2+0x10d/0x1e0 fs/open.c:1364 do_sys_open fs/open.c:1370 [inline] __do_sys_openat fs/open.c:1386 [inline] __se_sys_openat fs/open.c:1381 [inline] __x64_sys_openat+0x12d/0x210 fs/open.c:1381 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline] syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline] syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline] do_syscall_64+0x682/0x7f0 arch/x86/entry/syscall_64.c:100 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fdc433dc0fc RSP: 002b:00007ffd511136e0 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 RAX: fffffffffffffffe RBX: 0000000000000002 RCX: 00007fdc433dc0fc RDX: 0000000000090800 RSI: 00007fdc434726ab RDI: 00000000ffffff9c RBP: 00007ffd5111378c R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000049be8 R15: 00007ffd511137e0 Showing all locks held in the system: 2 locks held by kworker/0:0/9: #0: ffff88810006b140 ( (wq_completion)events ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc9000009fd18 ( free_ipc_work ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 6 locks held by kworker/0:1/10: #0: ffff888103ab8540 ( (wq_completion)usb_hub_wq ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc900000afd18 ( (work_completion)(&hub->events) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 #2: ffff88810bfa31d8 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: hub_event+0x1bd/0x4af0 drivers/usb/core/hub.c:5899 #3: ffff888115ee01d8 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: __device_attach+0x7e/0x4d0 drivers/base/dd.c:1076 #4: ffff888120cf81a0 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: __device_attach+0x7e/0x4d0 drivers/base/dd.c:1076 #5: ffffffff8a5148c0 ( input_mutex ){+.+.}-{4:4} , at: class_mutex_intr_constructor include/linux/mutex.h:255 [inline] , at: input_register_device.cold+0x5b/0x375 drivers/input/input.c:2391 2 locks held by kworker/u8:0/12: #0: ffff8881000ac940 ( (wq_completion)events_unbound #2 ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc900000cfd18 ( (work_completion)(&sub_info->work) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 6 locks held by kworker/1:0/23: #0: ffff888103ab8540 ( (wq_completion)usb_hub_wq ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc9000018fd18 ( (work_completion)(&hub->events) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 #2: ffff88810bb5b1d8 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: hub_event+0x1bd/0x4af0 drivers/usb/core/hub.c:5899 #3: ffff888118cf61d8 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: __device_attach+0x7e/0x4d0 drivers/base/dd.c:1076 #4: ffff88811eec11a0 ( &dev->mutex ){....}-{4:4} , at: device_lock include/linux/device.h:1040 [inline] , at: __device_attach+0x7e/0x4d0 drivers/base/dd.c:1076 #5: ffffffff8a5148c0 ( input_mutex ){+.+.}-{4:4} , at: class_mutex_intr_constructor include/linux/mutex.h:255 [inline] , at: input_register_device.cold+0x5b/0x375 drivers/input/input.c:2391 8 locks held by kworker/1:1/28: 1 lock held by khungtaskd/30: #0: ffffffff896ddaa0 ( rcu_read_lock ){....}-{1:3} , at: rcu_lock_acquire include/linux/rcupdate.h:300 [inline] , at: rcu_read_lock include/linux/rcupdate.h:838 [inline] , at: debug_show_all_locks+0x3d/0x184 kernel/locking/lockdep.c:6775 2 locks held by kworker/u8:1/32: 2 locks held by kworker/u8:2/36: #0: ffff8881000ac940 ( (wq_completion)events_unbound#2 ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc90000267d18 ( (work_completion)(&sub_info->work)){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 2 locks held by kworker/u8:3/46: #0: ffff8881000ac940 ( (wq_completion)events_unbound#2 ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc90000517d18 ( (work_completion)(&sub_info->work) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 2 locks held by kworker/u8:4/55: #0: ffff8881000ac940 ( (wq_completion)events_unbound #2 ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc90000577d18 ( (work_completion)(&sub_info->work) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 2 locks held by kworker/u8:7/319: #0: ffff8881000ac940 ( (wq_completion)events_unbound#2 ){+.+.}-{0:0} , at: process_one_work+0x12d6/0x1980 kernel/workqueue.c:3277 #1: ffffc90001cc7d18 ( (work_completion)(&sub_info->work) ){+.+.}-{0:0} , at: process_one_work+0x973/0x1980 kernel/workqueue.c:3278 6 locks held by kworker/1:2/1123: #0: ffff888103ab8540 ( (wq_completion)usb_hub_wq