#3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
 #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6704
6 locks held by syz.3.730/8911:
2 locks held by syz.1.732/8917:
=============================================
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8917/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=47385, q=761 ncpus=2)
task:syz.1.732       state:R  running task     stack:24672 pid:8917  tgid:8917  ppid:8293   flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6922
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5820
Code: 2b 00 74 08 4c 89 f7 e8 aa e6 8a 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
RSP: 0018:ffffc900092d77e0 EFLAGS: 00000206
RAX: 0000000000000001 RBX: 1ffff9200125af08 RCX: 3dc7c8a0ebb2c000
RDX: dffffc0000000000 RSI: ffffffff8bcada80 RDI: ffffffff8c207f20
RBP: ffffc900092d7940 R08: ffffffff93010787 R09: 1ffffffff26020f0
R10: dffffc0000000000 R11: fffffbfff26020f1 R12: 1ffff9200125af04
R13: dffffc0000000000 R14: ffffc900092d7840 R15: 0000000000000246
 rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 rcu_read_lock include/linux/rcupdate.h:845 [inline]
 percpu_ref_put_many include/linux/percpu-refcount.h:330 [inline]
 percpu_ref_put+0x36/0x180 include/linux/percpu-refcount.h:351
 obj_cgroup_put include/linux/memcontrol.h:802 [inline]
 __memcg_slab_free_hook+0xa7/0x310 mm/memcontrol.c:3050
 memcg_slab_free_hook mm/slub.c:2165 [inline]
 slab_free mm/slub.c:4470 [inline]
 kmem_cache_free+0x1cf/0x350 mm/slub.c:4548
 vma_lock_free kernel/fork.c:458 [inline]
 __vm_area_free+0xe0/0x110 kernel/fork.c:514
 remove_vma mm/mmap.c:187 [inline]
 exit_mmap+0x645/0xc80 mm/mmap.c:3406
 __mmput+0x115/0x390 kernel/fork.c:1347
 exit_mm+0x220/0x310 kernel/exit.c:571
 do_exit+0x9b2/0x27f0 kernel/exit.c:869
 do_group_exit+0x207/0x2c0 kernel/exit.c:1031
 __do_sys_exit_group kernel/exit.c:1042 [inline]
 __se_sys_exit_group kernel/exit.c:1040 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040
 x64_sys_call+0x26e0/0x26e0 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f73e0775bd9
RSP: 002b:00007ffc2cb71288 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f73e0775bd9
RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 000000052cb713af R09: 0000000000000000
R10: 00007f73dfe01000 R11: 0000000000000246 R12: 00007ffc2cb71370
R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc2cb71370
 </TASK>
rcu: rcu_preempt kthread starved for 10439 jiffies! g47385 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26544 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_timeout+0x1be/0x310 kernel/time/timer.c:2581
 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2034
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2236
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
NMI backtrace for cpu 1 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:106 [inline]
NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 drivers/acpi/processor_idle.c:112
DEBUG: waiting rtnl_mutex for 10891 jiffies.
task:kworker/1:3     state:D stack:20240 pid:4882  tgid:4882  ppid:2      flags:0x00004000
Workqueue: events linkwatch_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 linkwatch_event+0xe/0x60 net/core/link_watch.c:276
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: holding rtnl_mutex for 10994 jiffies.
task:kworker/u8:11   state:D stack:23128 pid:8269  tgid:8269  ppid:2      flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 synchronize_rcu_expedited+0x684/0x830 kernel/rcu/tree_exp.h:995
 synchronize_rcu+0x11b/0x360 kernel/rcu/tree.c:3989
 lockdep_unregister_key+0x556/0x610 kernel/locking/lockdep.c:6557
 __qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
 qdisc_put net/sched/sch_generic.c:1105 [inline]
 dev_shutdown+0x357/0x440 net/sched/sch_generic.c:1493
 unregister_netdevice_many_notify+0x9c7/0x1d20 net/core/dev.c:11346
 cleanup_net+0x75d/0xcc0 net/core/net_namespace.c:635
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11018 jiffies.
task:kworker/u8:5    state:D stack:21008 pid:961   tgid:961   ppid:2      flags:0x00004000
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11038 jiffies.
task:syz-executor    state:D stack:21024 pid:8877  tgid:8877  ppid:8859   flags:0x00000000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:745
 __sys_sendto+0x3a4/0x4f0 net/socket.c:2204
 __do_sys_sendto net/socket.c:2216 [inline]
 __se_sys_sendto net/socket.c:2212 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2212
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f55c977796c
RSP: 002b:00007ffe5ea37f50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f55ca434620 RCX: 00007f55c977796c
RDX: 000000000000003c RSI: 00007f55ca434670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe5ea37fa4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f55ca434670 R15: 0000000000000000
 </TASK>
DEBUG: waiting rtnl_mutex for 11069 jiffies.
task:dhcpcd          state:D stack:20384 pid:4766  tgid:4766  ppid:4765   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
 netlink_dump+0x647/0xd80 net/netlink/af_netlink.c:2325
 netlink_recvmsg+0x6bb/0x11d0 net/netlink/af_netlink.c:1983
 sock_recvmsg_nosec net/socket.c:1046 [inline]
 sock_recvmsg+0x22f/0x280 net/socket.c:1068
 ____sys_recvmsg+0x1db/0x470 net/socket.c:2816
 ___sys_recvmsg net/socket.c:2858 [inline]
 __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9e495ce91e
RSP: 002b:00007ffe20d71c98 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 00007ffe20d72dc0 RCX: 00007f9e495ce91e
RDX: 0000000000000000 RSI: 00007ffe20d72ce0 RDI: 0000000000000012
RBP: 00007ffe20d72d50 R08: 00007ffe20d72cc4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
R13: 00007ffe20d72cc4 R14: 00007ffe20d72ce0 R15: 00007ffe20d72cd0
 </TASK>
DEBUG: waiting rtnl_mutex for 11093 jiffies.
task:kworker/1:4     state:D stack:20440 pid:5147  tgid:5147  ppid:2      flags:0x00004000
Workqueue: events switchdev_deferred_process_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:1/9:
2 locks held by kworker/u8:2/35:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:5/961:
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
6 locks held by kworker/1:2/1794:
3 locks held by kworker/u8:9/2816:
2 locks held by kworker/u8:10/2844:
2 locks held by dhcpcd/4766:
 #0: ffff88805f356678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80 net/netlink/af_netlink.c:2271
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
2 locks held by getty/4851:
 #0: ffff88802a89f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
3 locks held by kworker/1:3/4882:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:276
3 locks held by kworker/1:4/5147:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
1 lock held by syz-executor/7801:
2 locks held by kworker/1:6/8085:
5 locks held by kworker/u8:11/8269:
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
 #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 net/core/net_namespace.c:630
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 kernel/rcu/tree_exp.h:980
2 locks held by kworker/u8:15/8272:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:20/8281:
4 locks held by udevd/8507:
 #0: ffff88805c1162f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 fs/seq_file.c:182
 #1: ffff88807bd85888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 fs/kernfs/file.c:154
 #2: ffff88802fda7c38 (kn->active#22){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 fs/kernfs/file.c:155
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:1014 [inline]
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: serial_show+0x26/0xa0 drivers/usb/core/sysfs.c:143
1 lock held by syz-executor/8877:
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
4 locks held by syz.4.728/8909:
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:809 [inline]
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 fs/namei.c:1734
 #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
 #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: filemap_get_entry+0x123/0x3b0 mm/filemap.c:1837
 #2: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
 #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
 #3: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6704
6 locks held by syz.3.730/8911:
2 locks held by syz.1.732/8917:

=============================================

DEBUG: waiting rtnl_mutex for 11180 jiffies.
task:kworker/1:3     state:D stack:20240 pid:4882  tgid:4882  ppid:2      flags:0x00004000
Workqueue: events linkwatch_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 linkwatch_event+0xe/0x60 net/core/link_watch.c:276
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: holding rtnl_mutex for 11283 jiffies.
task:kworker/u8:11   state:D stack:23128 pid:8269  tgid:8269  ppid:2      flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 synchronize_rcu_expedited+0x684/0x830 kernel/rcu/tree_exp.h:995
 synchronize_rcu+0x11b/0x360 kernel/rcu/tree.c:3989
 lockdep_unregister_key+0x556/0x610 kernel/locking/lockdep.c:6557
 __qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
 qdisc_put net/sched/sch_generic.c:1105 [inline]
 dev_shutdown+0x357/0x440 net/sched/sch_generic.c:1493
 unregister_netdevice_many_notify+0x9c7/0x1d20 net/core/dev.c:11346
 cleanup_net+0x75d/0xcc0 net/core/net_namespace.c:635
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11307 jiffies.
task:kworker/u8:5    state:D stack:21008 pid:961   tgid:961   ppid:2      flags:0x00004000
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11327 jiffies.
task:syz-executor    state:D stack:21024 pid:8877  tgid:8877  ppid:8859   flags:0x00000000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:745
 __sys_sendto+0x3a4/0x4f0 net/socket.c:2204
 __do_sys_sendto net/socket.c:2216 [inline]
 __se_sys_sendto net/socket.c:2212 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2212
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f55c977796c
RSP: 002b:00007ffe5ea37f50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f55ca434620 RCX: 00007f55c977796c
RDX: 000000000000003c RSI: 00007f55ca434670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe5ea37fa4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f55ca434670 R15: 0000000000000000
 </TASK>
DEBUG: waiting rtnl_mutex for 11358 jiffies.
task:dhcpcd          state:D stack:20384 pid:4766  tgid:4766  ppid:4765   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
 netlink_dump+0x647/0xd80 net/netlink/af_netlink.c:2325
 netlink_recvmsg+0x6bb/0x11d0 net/netlink/af_netlink.c:1983
 sock_recvmsg_nosec net/socket.c:1046 [inline]
 sock_recvmsg+0x22f/0x280 net/socket.c:1068
 ____sys_recvmsg+0x1db/0x470 net/socket.c:2816
 ___sys_recvmsg net/socket.c:2858 [inline]
 __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9e495ce91e
RSP: 002b:00007ffe20d71c98 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 00007ffe20d72dc0 RCX: 00007f9e495ce91e
RDX: 0000000000000000 RSI: 00007ffe20d72ce0 RDI: 0000000000000012
RBP: 00007ffe20d72d50 R08: 00007ffe20d72cc4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
R13: 00007ffe20d72cc4 R14: 00007ffe20d72ce0 R15: 00007ffe20d72cd0
 </TASK>
DEBUG: waiting rtnl_mutex for 11382 jiffies.
task:kworker/1:4     state:D stack:20440 pid:5147  tgid:5147  ppid:2      flags:0x00004000
Workqueue: events switchdev_deferred_process_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:1/9:
2 locks held by kworker/u8:2/35:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:5/961:
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
6 locks held by kworker/1:2/1794:
3 locks held by kworker/u8:9/2816:
2 locks held by kworker/u8:10/2844:
2 locks held by dhcpcd/4766:
 #0: ffff88805f356678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80 net/netlink/af_netlink.c:2271
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
2 locks held by getty/4851:
 #0: ffff88802a89f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
3 locks held by kworker/1:3/4882:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:276
3 locks held by kworker/1:4/5147:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
1 lock held by syz-executor/7801:
2 locks held by kworker/1:6/8085:
5 locks held by kworker/u8:11/8269:
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
 #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 net/core/net_namespace.c:630
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 kernel/rcu/tree_exp.h:980
2 locks held by kworker/u8:15/8272:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:20/8281:
4 locks held by udevd/8507:
 #0: ffff88805c1162f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 fs/seq_file.c:182
 #1: ffff88807bd85888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 fs/kernfs/file.c:154
 #2: ffff88802fda7c38 (kn->active#22){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 fs/kernfs/file.c:155
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:1014 [inline]
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: serial_show+0x26/0xa0 drivers/usb/core/sysfs.c:143
1 lock held by syz-executor/8877:
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
3 locks held by syz.4.728/8909:
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:809 [inline]
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 fs/namei.c:1734
 #1: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
 #2: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 #2: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
 #2: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6704
6 locks held by syz.3.730/8911:
2 locks held by syz.1.732/8917:

=============================================

DEBUG: waiting rtnl_mutex for 11468 jiffies.
task:kworker/1:3     state:D stack:20240 pid:4882  tgid:4882  ppid:2      flags:0x00004000
Workqueue: events linkwatch_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 linkwatch_event+0xe/0x60 net/core/link_watch.c:276
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: holding rtnl_mutex for 11571 jiffies.
task:kworker/u8:11   state:D stack:23128 pid:8269  tgid:8269  ppid:2      flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 synchronize_rcu_expedited+0x684/0x830 kernel/rcu/tree_exp.h:995
 synchronize_rcu+0x11b/0x360 kernel/rcu/tree.c:3989
 lockdep_unregister_key+0x556/0x610 kernel/locking/lockdep.c:6557
 __qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
 qdisc_put net/sched/sch_generic.c:1105 [inline]
 dev_shutdown+0x357/0x440 net/sched/sch_generic.c:1493
 unregister_netdevice_many_notify+0x9c7/0x1d20 net/core/dev.c:11346
 cleanup_net+0x75d/0xcc0 net/core/net_namespace.c:635
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11595 jiffies.
task:kworker/u8:5    state:D stack:21008 pid:961   tgid:961   ppid:2      flags:0x00004000
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11615 jiffies.
task:syz-executor    state:D stack:21024 pid:8877  tgid:8877  ppid:8859   flags:0x00000000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:745
 __sys_sendto+0x3a4/0x4f0 net/socket.c:2204
 __do_sys_sendto net/socket.c:2216 [inline]
 __se_sys_sendto net/socket.c:2212 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2212
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f55c977796c
RSP: 002b:00007ffe5ea37f50 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f55ca434620 RCX: 00007f55c977796c
RDX: 000000000000003c RSI: 00007f55ca434670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffe5ea37fa4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f55ca434670 R15: 0000000000000000
 </TASK>
DEBUG: waiting rtnl_mutex for 11646 jiffies.
task:dhcpcd          state:D stack:20384 pid:4766  tgid:4766  ppid:4765   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
 netlink_dump+0x647/0xd80 net/netlink/af_netlink.c:2325
 netlink_recvmsg+0x6bb/0x11d0 net/netlink/af_netlink.c:1983
 sock_recvmsg_nosec net/socket.c:1046 [inline]
 sock_recvmsg+0x22f/0x280 net/socket.c:1068
 ____sys_recvmsg+0x1db/0x470 net/socket.c:2816
 ___sys_recvmsg net/socket.c:2858 [inline]
 __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9e495ce91e
RSP: 002b:00007ffe20d71c98 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 00007ffe20d72dc0 RCX: 00007f9e495ce91e
RDX: 0000000000000000 RSI: 00007ffe20d72ce0 RDI: 0000000000000012
RBP: 00007ffe20d72d50 R08: 00007ffe20d72cc4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
R13: 00007ffe20d72cc4 R14: 00007ffe20d72ce0 R15: 00007ffe20d72cd0
 </TASK>
DEBUG: waiting rtnl_mutex for 11670 jiffies.
task:kworker/1:4     state:D stack:20440 pid:5147  tgid:5147  ppid:2      flags:0x00004000
Workqueue: events switchdev_deferred_process_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
2 locks held by kworker/0:1/9:
2 locks held by kworker/u8:2/35:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90000ab7d00 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:5/961:
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff8880297c4148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003b77d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
6 locks held by kworker/1:2/1794:
3 locks held by kworker/u8:9/2816:
2 locks held by kworker/u8:10/2844:
2 locks held by dhcpcd/4766:
 #0: ffff88805f356678 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcb/0xd80 net/netlink/af_netlink.c:2271
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x9e/0x210 net/core/rtnetlink.c:6587
2 locks held by getty/4851:
 #0: ffff88802a89f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 drivers/tty/n_tty.c:2211
3 locks held by kworker/1:3/4882:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000339fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 net/core/link_watch.c:276
3 locks held by kworker/1:4/5147:
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc90003f97d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104
1 lock held by syz-executor/7801:
2 locks held by kworker/1:6/8085:
5 locks held by kworker/u8:11/8269:
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc9000485fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
 #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:594
 #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: cleanup_net+0x6af/0xcc0 net/core/net_namespace.c:630
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:329 [inline]
 #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 kernel/rcu/tree_exp.h:980
2 locks held by kworker/u8:15/8272:
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3199 [inline]
 #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 kernel/workqueue.c:3305
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3200 [inline]
 #1: ffffc900048afd00 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 kernel/workqueue.c:3305
3 locks held by kworker/u8:20/8281:
4 locks held by udevd/8507:
 #0: ffff88805c1162f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb7/0xd60 fs/seq_file.c:182
 #1: ffff88807bd85888 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0 fs/kernfs/file.c:154
 #2: ffff88802fda7c38 (kn->active#22){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0 fs/kernfs/file.c:155
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: device_lock_interruptible include/linux/device.h:1014 [inline]
 #3: ffff888057afe190 (&dev->mutex){....}-{3:3}, at: serial_show+0x26/0xa0 drivers/usb/core/sysfs.c:143
1 lock held by syz-executor/8877:
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:149 [inline]
 #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
5 locks held by syz.4.728/8909:
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:809 [inline]
 #0: ffff888060f24c00 (&type->i_mutex_dir_key#15){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 fs/namei.c:1734
 #1: ffffffff8e42eee0 (fs_reclaim){+.+.}-{0:0}, at: might_alloc include/linux/sched/mm.h:334 [inline]
 #1: ffffffff8e42eee0 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x147/0x5d0 mm/page_alloc.c:4509
 #2: ffffffff8e4417a0 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}, at: fs_reclaim_acquire+0x93/0x140 mm/page_alloc.c:3878
 #3: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 kernel/time/timer.c:1789
 #4: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:333 [inline]
 #4: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:845 [inline]
 #4: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6704
6 locks held by syz.3.730/8911:
2 locks held by syz.1.732/8917:

=============================================

DEBUG: waiting rtnl_mutex for 11756 jiffies.
task:kworker/1:3     state:D stack:20240 pid:4882  tgid:4882  ppid:2      flags:0x00004000
Workqueue: events linkwatch_event
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 linkwatch_event+0xe/0x60 net/core/link_watch.c:276
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: holding rtnl_mutex for 11859 jiffies.
task:kworker/u8:11   state:D stack:23128 pid:8269  tgid:8269  ppid:2      flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 synchronize_rcu_expedited+0x684/0x830 kernel/rcu/tree_exp.h:995
 synchronize_rcu+0x11b/0x360 kernel/rcu/tree.c:3989
 lockdep_unregister_key+0x556/0x610 kernel/locking/lockdep.c:6557
 __qdisc_destroy+0x165/0x410 net/sched/sch_generic.c:1079
 qdisc_put net/sched/sch_generic.c:1105 [inline]
 dev_shutdown+0x357/0x440 net/sched/sch_generic.c:1493
 unregister_netdevice_many_notify+0x9c7/0x1d20 net/core/dev.c:11346
 cleanup_net+0x75d/0xcc0 net/core/net_namespace.c:635
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11883 jiffies.
task:kworker/u8:5    state:D stack:21008 pid:961   tgid:961   ppid:2      flags:0x00004000
Workqueue: ipv6_addrconf addrconf_dad_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4193
 process_one_work kernel/workqueue.c:3224 [inline]
 process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3305
 worker_thread+0x86d/0xd40 kernel/workqueue.c:3383
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
DEBUG: waiting rtnl_mutex for 11903 jiffies.
task:syz-executor    state:D stack:21024 pid:8877  tgid:8877  ppid:8859   flags:0x00000000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5248 [inline]
 __schedule+0x1800/0x4a60 kernel/sched/core.c:6600
 __schedule_loop kernel/sched/core.c:6677 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6692
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6749
 __mutex_lock_common kernel/locking/mutex.c:684 [inline]
 __mutex_lock+0x6a4/0xd70 kernel/locking/mutex.c:752
 rtnl_lock net/core/rtnetlink.c:149 [inline]
 rtnetlink_rcv_msg+0x847/0x1180 net/core/rtnetlink.c:6725
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f0/0x990 net/netlink/af_netlink.c:1357