INFO: task kworker/1:4:5132 blocked for more than 143 seconds.
      Not tainted 6.10.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:4     state:D
 stack:19576 pid:5132  tgid:5132  ppid:2      flags:0x00004000
Workqueue: events nsim_fib_event_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5407 [inline]
 __schedule+0x17ae/0x4a10 kernel/sched/core.c:6748
 preempt_schedule_common+0x84/0xd0 kernel/sched/core.c:6927
 preempt_schedule+0xe1/0xf0 kernel/sched/core.c:6951
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk.S:12
 unwind_next_frame+0x2124/0x2a00 arch/x86/kernel/unwind_orc.c:672
 arch_stack_walk+0x151/0x1b0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 unpoison_slab_object mm/kasan/common.c:312 [inline]
 __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338
 kasan_slab_alloc include/linux/kasan.h:201 [inline]
 slab_post_alloc_hook mm/slub.c:3940 [inline]
 slab_alloc_node mm/slub.c:4002 [inline]
 kmem_cache_alloc_noprof+0x135/0x2a0 mm/slub.c:4009
 fill_pool lib/debugobjects.c:168 [inline]
 debug_objects_fill_pool+0x79e/0x9b0 lib/debugobjects.c:615
 debug_object_assert_init+0x12e/0x440 lib/debugobjects.c:893
 debug_timer_assert_init kernel/time/timer.c:846 [inline]
 debug_assert_init kernel/time/timer.c:891 [inline]
 __mod_timer+0x10d/0xeb0 kernel/time/timer.c:1072
 schedule_timeout+0x1b9/0x310 kernel/time/timer.c:2580
 schedule_timeout_uninterruptible kernel/time/timer.c:2615 [inline]
 msleep+0xa2/0xe0 kernel/time/timer.c:2736
 nsim_fib6_rt_add drivers/net/netdevsim/fib.c:693 [inline]
 nsim_fib6_rt_insert drivers/net/netdevsim/fib.c:759 [inline]
 nsim_fib6_event drivers/net/netdevsim/fib.c:856 [inline]
 nsim_fib_event drivers/net/netdevsim/fib.c:889 [inline]
 nsim_fib_event_work+0x2e2c/0x4130 drivers/net/netdevsim/fib.c:1492
 process_one_work kernel/workqueue.c:3248 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3329
 worker_thread+0x86d/0xd50 kernel/workqueue.c:3409
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/u8:1/12:
2 locks held by kworker/1:0/25:
1 lock held by khungtaskd/30:
 #0: ffffffff8e333f60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
 #0: ffffffff8e333f60 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
 #0: ffffffff8e333f60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6614
6 locks held by kworker/1:1H/99:
6 locks held by kworker/u8:8/1272:
 #0: 
ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
 #1: 
ffffc9000488fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
ffffc9000488fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
 #2: ffffffff8f5cbad0 (pernet_ops_rwsem
){++++}-{3:3}
, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
 #3: ffff88805fd0a0e8 (&dev->mutex){....}-{3:3}
, at: device_lock include/linux/device.h:1009 [inline]
, at: devl_dev_lock net/devlink/devl_internal.h:108 [inline]
, at: devlink_pernet_pre_exit+0x13b/0x440 net/devlink/core.c:506
 #4: ffff88805fd0d250
 (&devlink->lock_key#61){+.+.}-{3:3}, at: devl_lock net/devlink/core.c:276 [inline]
 (&devlink->lock_key#61){+.+.}-{3:3}, at: devl_dev_lock net/devlink/devl_internal.h:109 [inline]
 (&devlink->lock_key#61){+.+.}-{3:3}, at: devlink_pernet_pre_exit+0x14d/0x440 net/devlink/core.c:506
 #5: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 drivers/net/netdevsim/netdev.c:773
2 locks held by getty/4834:
 #0: ffff88802f6720a0
 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002f162f0
 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
4 locks held by kworker/1:4/5132:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
 #1: ffffc900041d7d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
 #1: ffffc900041d7d00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
 #2: 
ffff8880617d5240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x2d1/0x4130 drivers/net/netdevsim/fib.c:1489
 #3: ffffffff8ea31fe0 (fill_pool_map-wait-type-override){+.+.}-{3:3}, at: debug_objects_fill_pool+0x80/0x9b0 lib/debugobjects.c:614
3 locks held by kworker/0:5/5136:
 #0: ffff888015080948
 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3223 [inline]
 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3329
 #1: ffffc90004667d00 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3224 [inline]
 #1: ffffc90004667d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3329
 #2: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
2 locks held by kworker/1:7/5169:
2 locks held by kworker/1:1/14529:
1 lock held by syz-executor/16831:
 #0: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: netdev_wait_allrefs_any net/core/dev.c:10570 [inline]
 #0: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x89e/0x1000 net/core/dev.c:10681
2 locks held by syz-executor/16973:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/16979:
 #0: 
ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/16981:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
3 locks held by syz-executor/16983:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308
 (rtnl_mutex){+.+.}-{3:3}, at: setup_net+0x83d/0xca0 net/core/net_namespace.c:365
 #2: ffffffff8e339338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:291 [inline]
 #2: ffffffff8e339338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 kernel/rcu/tree_exp.h:939
2 locks held by syz-executor/16988:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/16993:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/17005:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/17007:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}
, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308
 (
rtnl_mutex
){+.+.}-{3:3}
, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159
2 locks held by syz-executor/17009:
 #0: ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308
 (
rtnl_mutex
){+.+.}-{3:3}
, at: register_nexthop_notifier+0x84/0x290 net/ipv4/nexthop.c:3871
2 locks held by syz-executor/17010:
 #0: 
ffffffff8f5cbad0 (pernet_ops_rwsem){++++}-{3:3}
, at: copy_net_ns+0x4c6/0x7b0 net/core/net_namespace.c:504
 #1: ffffffff8f5d8308 (rtnl_mutex){+.+.}-{3:3}, at: ip_tunnel_init_net+0x20e/0x710 net/ipv4/ip_tunnel.c:1159

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
 watchdog+0xfde/0x1020 kernel/hung_task.c:379
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
NMI backtrace for cpu 1
CPU: 1 PID: 99 Comm: kworker/1:1H Not tainted 6.10.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Workqueue: kblockd blk_mq_requeue_work
RIP: 0010:get_current arch/x86/include/asm/current.h:49 [inline]
RIP: 0010:write_comp_data kernel/kcov.c:235 [inline]
RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x8/0x90 kernel/kcov.c:304
Code: 44 0a 20 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 <65> 48 8b 14 25 80 d4 03 00 65 8b 05 80 a7 6d 7e a9 00 01 ff 00 74
RSP: 0000:ffffc90000a174b8 EFLAGS: 00000046
RAX: ffffc90000a17540 RBX: ffffc90000a17540 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90000a175d0 R08: ffffffff8b771b76 R09: 0000000000000000
R10: ffffc90000a17540 R11: fffff52000142eab R12: 00000000ffff0a00
R13: dffffc0000000000 R14: ffff0a0000000509 R15: ffffc90000a17921
FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c3d957b CR3: 000000000e132000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 number+0xb6/0xf90 lib/vsprintf.c:464
 vsnprintf+0x1542/0x1da0 lib/vsprintf.c:2890
 sprintf+0xda/0x120 lib/vsprintf.c:3028
 print_time kernel/printk/printk.c:1330 [inline]
 info_print_prefix+0x16b/0x310 kernel/printk/printk.c:1356
 record_print_text kernel/printk/printk.c:1405 [inline]
 printk_get_next_message+0x6da/0xbe0 kernel/printk/printk.c:2840
 console_emit_next_record kernel/printk/printk.c:2880 [inline]
 console_flush_all+0x410/0xfd0 kernel/printk/printk.c:2979
 console_unlock+0x13b/0x4d0 kernel/printk/printk.c:3048
 vprintk_emit+0x5a6/0x770 kernel/printk/printk.c:2348
 _printk+0xd5/0x120 kernel/printk/printk.c:2373
 int_irq+0x1bd/0x250 drivers/media/usb/gspca/gspca.c:104
 __usb_hcd_giveback_urb+0x42c/0x6e0 drivers/usb/core/hcd.c:1650
 dummy_timer+0x830/0x45d0 drivers/usb/gadget/udc/dummy_hcd.c:1987
 __run_hrtimer kernel/time/hrtimer.c:1689 [inline]
 __hrtimer_run_queues+0x59b/0xd50 kernel/time/hrtimer.c:1753
 hrtimer_interrupt+0x396/0x990 kernel/time/hrtimer.c:1815
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline]
 __sysvec_apic_timer_interrupt+0x110/0x3f0 arch/x86/kernel/apic/apic.c:1049
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0x52/0xc0 arch/x86/kernel/apic/apic.c:1043
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:preempt_count_sub+0x0/0x170 kernel/sched/core.c:5894
Code: 8c 77 ff ff ff 48 c7 c7 a0 9b ac 8f e8 d9 09 93 00 e9 66 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 41 56 53 89 fb 48 c7 c0 e0 e6 76 94 48 c1 e8 03 49 be
RSP: 0000:ffffc90000a18760 EFLAGS: 00000246
RAX: ffffffff81410e4b RBX: ffffc90000a19000 RCX: ffff888019b3da00
RDX: 0000000000000101 RSI: ffffc90000a18f60 RDI: 0000000000000001
RBP: ffffc90000a18840 R08: ffffffff81410de5 R09: ffffffff8141095f
R10: 0000000000000003 R11: ffff888019b3da00 R12: ffffc90000a18ff0
R13: dffffc0000000000 R14: ffffc90000a11000 R15: ffffc90000a18ff8
 unwind_next_frame+0x1e65/0x2a00 arch/x86/kernel/unwind_orc.c:672
 arch_stack_walk+0x151/0x1b0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579
 poison_slab_object+0xe0/0x150 mm/kasan/common.c:240
 __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256
 kasan_slab_free include/linux/kasan.h:184 [inline]
 slab_free_hook mm/slub.c:2196 [inline]
 slab_free mm/slub.c:4438 [inline]
 kmem_cache_free+0x145/0x350 mm/slub.c:4513
 __sg_free_table+0x199/0x200 lib/scatterlist.c:229
 scsi_free_sgtables drivers/scsi/scsi_lib.c:580 [inline]
 scsi_mq_uninit_cmd drivers/scsi/scsi_lib.c:590 [inline]
 scsi_end_request+0x20e/0x880 drivers/scsi/scsi_lib.c:657
 scsi_io_completion+0x1bd/0x430 drivers/scsi/scsi_lib.c:1068
 blk_complete_reqs block/blk-mq.c:1132 [inline]
 blk_done_softirq+0x100/0x150 block/blk-mq.c:1137
 handle_softirqs+0x2c4/0x970 kernel/softirq.c:554
 __do_softirq kernel/softirq.c:588 [inline]
 invoke_softirq kernel/softirq.c:428 [inline]
 __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:dd_has_work+0x4/0x3b0 block/mq-deadline.c:765
Code: e8 41 6e 64 fd e9 04 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <41> 57 41 56 41 54 53 48 89 fb 49 bc 00 00 00 00 00 fc ff df e8 d3
RSP: 0000:ffffc900025577b8 EFLAGS: 00000286
RAX: 1ffffffff1d42748 RBX: ffffffff8ea13a40 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888020f39000
RBP: ffffc90002557968 R08: ffffffff848bea6d R09: ffffffff8489d623
R10: 0000000000000003 R11: ffffffff849438c0 R12: ffffc900025578e0
R13: ffffc900025578c8 R14: 1ffff110045b2800 R15: ffff888022d94000
 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:106 [inline]
 blk_mq_do_dispatch_sched block/blk-mq-sched.c:184 [inline]
 __blk_mq_sched_dispatch_requests+0x6be/0x1840 block/blk-mq-sched.c:309
 blk_mq_sched_dispatch_requests+0xcb/0x140 block/blk-mq-sched.c:331
 blk_mq_run_hw_queue+0x9a5/0xae0 block/blk-mq.c:2250
 blk_mq_run_hw_queues+0x2b6/0x360 block/blk-mq.c:2299
 blk_mq_requeue_work+0x8b7/0x910 block/blk-mq.c:1484
 process_one_work kernel/workqueue.c:3248 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3329
 worker_thread+0x86d/0xd50 kernel/workqueue.c:3409
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting
gspca_pac7302 3-1:0.0: URB error -71, resubmitting