INFO: task syz-executor.0:6257 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.0 state:D stack:0 pid:6257 tgid:6257 ppid:1 flags:0x0000000c Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 hci_unregister_dev+0x304/0x4a8 net/bluetooth/hci_core.c:2790 vhci_release+0x7c/0xd0 drivers/bluetooth/hci_vhci.c:674 __fput+0x30c/0x738 fs/file_table.c:422 ____fput+0x20/0x30 fs/file_table.c:450 task_work_run+0x230/0x2e0 kernel/task_work.c:180 exit_task_work include/linux/task_work.h:38 [inline] do_exit+0x4e4/0x1ac8 kernel/exit.c:878 do_group_exit+0x194/0x22c kernel/exit.c:1027 __do_sys_exit_group kernel/exit.c:1038 [inline] __se_sys_exit_group kernel/exit.c:1036 [inline] pid_child_should_wake+0x0/0x1dc kernel/exit.c:1036 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz-executor.4:6265 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.4 state:D stack:0 pid:6265 tgid:6265 ppid:1 flags:0x0000000c Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 hci_unregister_dev+0x304/0x4a8 net/bluetooth/hci_core.c:2790 vhci_release+0x7c/0xd0 drivers/bluetooth/hci_vhci.c:674 __fput+0x30c/0x738 fs/file_table.c:422 ____fput+0x20/0x30 fs/file_table.c:450 task_work_run+0x230/0x2e0 kernel/task_work.c:180 exit_task_work include/linux/task_work.h:38 [inline] do_exit+0x4e4/0x1ac8 kernel/exit.c:878 do_group_exit+0x194/0x22c kernel/exit.c:1027 __do_sys_exit_group kernel/exit.c:1038 [inline] __se_sys_exit_group kernel/exit.c:1036 [inline] pid_child_should_wake+0x0/0x1dc kernel/exit.c:1036 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz-executor.2:6266 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.2 state:D stack:0 pid:6266 tgid:6266 ppid:1 flags:0x0000000c Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 hci_unregister_dev+0x304/0x4a8 net/bluetooth/hci_core.c:2790 vhci_release+0x7c/0xd0 drivers/bluetooth/hci_vhci.c:674 __fput+0x30c/0x738 fs/file_table.c:422 ____fput+0x20/0x30 fs/file_table.c:450 task_work_run+0x230/0x2e0 kernel/task_work.c:180 exit_task_work include/linux/task_work.h:38 [inline] do_exit+0x4e4/0x1ac8 kernel/exit.c:878 do_group_exit+0x194/0x22c kernel/exit.c:1027 __do_sys_exit_group kernel/exit.c:1038 [inline] __se_sys_exit_group kernel/exit.c:1036 [inline] pid_child_should_wake+0x0/0x1dc kernel/exit.c:1036 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task kworker/1:7:6306 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:7 state:D stack:0 pid:6306 tgid:6306 ppid:2 flags:0x00000008 Workqueue: events rfkill_global_led_trigger_worker Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 rfkill_global_led_trigger_worker+0x30/0xe4 net/rfkill/core.c:182 process_one_work+0x7b8/0x15d4 kernel/workqueue.c:3254 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x938/0xef4 kernel/workqueue.c:3416 kthread+0x288/0x310 kernel/kthread.c:388 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 INFO: task syz-executor.3:6362 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.3 state:D stack:0 pid:6362 tgid:6362 ppid:6254 flags:0x0000000d Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 nfc_unregister_device+0x98/0x290 net/nfc/core.c:1167 nci_unregister_device+0x1dc/0x21c net/nfc/nci/core.c:1312 virtual_ncidev_close+0x5c/0xa0 drivers/nfc/virtual_ncidev.c:168 __fput+0x30c/0x738 fs/file_table.c:422 __fput_sync+0x60/0x9c fs/file_table.c:507 __do_sys_close fs/open.c:1556 [inline] __se_sys_close fs/open.c:1541 [inline] __arm64_sys_close+0x150/0x1e0 fs/open.c:1541 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz-executor.1:6375 blocked for more than 143 seconds. Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:0 pid:6375 tgid:6374 ppid:6253 flags:0x0000000d Call trace: __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5409 [inline] __schedule+0x14bc/0x24ec kernel/sched/core.c:6746 __schedule_loop kernel/sched/core.c:6823 [inline] schedule+0xbc/0x238 kernel/sched/core.c:6838 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684 __mutex_lock kernel/locking/mutex.c:752 [inline] mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804 device_lock include/linux/device.h:990 [inline] nfc_dev_down net/nfc/core.c:143 [inline] nfc_rfkill_set_block+0x50/0x2d0 net/nfc/core.c:179 rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346 rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305 vfs_write+0x3c0/0xc3c fs/read_write.c:588 ksys_write+0x15c/0x26c fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __arm64_sys_write+0x7c/0x90 fs/read_write.c:652 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Showing all locks held in the system: 1 lock held by khungtaskd/30: #0: ffff80008f057880 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:328 2 locks held by getty/6003: #0: ffff0000d21d60a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 #1: ffff800097b9b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41c/0x1228 drivers/tty/n_tty.c:2201 1 lock held by syz-executor.0/6257: #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 1 lock held by syz-executor.4/6265: #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 1 lock held by syz-executor.2/6266: #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 3 locks held by kworker/1:7/6306: #0: ffff0000c0028948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x668/0x15d4 kernel/workqueue.c:3228 #1: ffff80009a0f7c20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x6b4/0x15d4 kernel/workqueue.c:3228 #2: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x30/0xe4 net/rfkill/core.c:182 2 locks held by syz-executor.3/6362: #0: ffff0000cf9d0100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:990 [inline] #0: ffff0000cf9d0100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x6c/0x290 net/nfc/core.c:1165 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149 2 locks held by syz-executor.1/6375: #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734 net/rfkill/core.c:1297 #1: ffff0000cf9d0100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:990 [inline] #1: ffff0000cf9d0100 (&dev->mutex){....}-{3:3}, at: nfc_dev_down net/nfc/core.c:143 [inline] #1: ffff0000cf9d0100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2d0 net/nfc/core.c:179 2 locks held by syz-executor.2/6487: #0: ffff0000ef45f918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.0/6490: #0: ffff0000f0f19918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.4/6492: #0: ffff0000c768e118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.3/6494: #0: ffff0000c7b3b918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.1/6497: #0: ffff0000d4ffd918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.2/6515: #0: ffff0000da93e918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.0/6517: #0: ffff0000c9a41118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.4/6519: #0: ffff0000d3067118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.3/6521: #0: ffff0000d62b2918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.1/6524: #0: ffff0000d62b0918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.2/6527: #0: ffff0000d5ef4118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.0/6529: #0: ffff0000d5ef0918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 2 locks held by syz-executor.4/6531: #0: ffff0000d7293118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075 =============================================