INFO: task systemd-udevd:13187 blocked for more than 143 seconds.
      Not tainted 5.14.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:systemd-udevd   state:D stack:26528 pid:13187 ppid:  4870 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4681 [inline]
 __schedule+0x93a/0x26f0 kernel/sched/core.c:5938
 schedule+0xd3/0x270 kernel/sched/core.c:6017
 io_schedule+0xba/0x130 kernel/sched/core.c:7988
 wait_on_page_bit_common+0x537/0xe60 mm/filemap.c:1301
 wait_on_page_bit mm/filemap.c:1362 [inline]
 wait_on_page_locked include/linux/pagemap.h:689 [inline]
 wait_on_page_read mm/filemap.c:3312 [inline]
 do_read_cache_page+0x96b/0x13c0 mm/filemap.c:3355
 read_mapping_page include/linux/pagemap.h:515 [inline]
 read_part_sector+0x146/0x620 block/partitions/core.c:726
 adfspart_check_ICS+0x9d/0xc90 block/partitions/acorn.c:360
 check_partition block/partitions/core.c:147 [inline]
 blk_add_partitions block/partitions/core.c:611 [inline]
 bdev_disk_changed+0x796/0x1130 block/partitions/core.c:697
 blkdev_get_whole+0x216/0x420 fs/block_dev.c:1269
 blkdev_get_by_dev.part.0+0x30c/0xdd0 fs/block_dev.c:1417
 blkdev_get_by_dev fs/block_dev.c:1506 [inline]
 blkdev_open+0x295/0x300 fs/block_dev.c:1512
 do_dentry_open+0x4c8/0x11d0 fs/open.c:826
 do_open fs/namei.c:3374 [inline]
 path_openat+0x1c23/0x27f0 fs/namei.c:3507
 do_filp_open+0x1aa/0x400 fs/namei.c:3534
 do_sys_openat2+0x16d/0x420 fs/open.c:1204
 do_sys_open fs/open.c:1220 [inline]
 __do_sys_open fs/open.c:1228 [inline]
 __se_sys_open fs/open.c:1224 [inline]
 __x64_sys_open+0x119/0x1c0 fs/open.c:1224
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fe095a5b840
RSP: 002b:00007ffdc7f5e348 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000055fcd7c94380 RCX: 00007fe095a5b840
RDX: 000055fcd79d0fe3 RSI: 00000000000a0800 RDI: 000055fcd7c96110
RBP: 00007ffdc7f5e4c0 R08: 000055fcd79d0670 R09: 0000000000000010
R10: 00007fe0957d5d70 R11: 0000000000000246 R12: 00007ffdc7f5e410
R13: 000055fcd7c940a0 R14: 0000000000000003 R15: 000000000000000e
INFO: task syz-executor.0:16527 blocked for more than 143 seconds.
      Not tainted 5.14.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:28176 pid:16527 ppid:  8458 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4681 [inline]
 __schedule+0x93a/0x26f0 kernel/sched/core.c:5938
 schedule+0xd3/0x270 kernel/sched/core.c:6017
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:6076
 __mutex_lock_common kernel/locking/mutex.c:1036 [inline]
 __mutex_lock+0x7b6/0x10a0 kernel/locking/mutex.c:1104
 blkdev_put+0xa0/0xae0 fs/block_dev.c:1534
 blkdev_close+0x8c/0xb0 fs/block_dev.c:1586
 __fput+0x288/0x920 fs/file_table.c:280
 task_work_run+0xdd/0x1a0 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:302
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x41940b
RSP: 002b:00007fff49b34670 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000004 RCX: 000000000041940b
RDX: 0000000000570500 RSI: ffffffff892a8268 RDI: 0000000000000003
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000001b2c523518
R10: 000000000000107d R11: 0000000000000293 R12: 0000000000064722
R13: 00000000000003e8 R14: 000000000056bf80 R15: 000000000006465b

Showing all locks held in the system:
1 lock held by ksoftirqd/1/19:
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:460 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1307 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1610 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x233/0x26f0 kernel/sched/core.c:5852
1 lock held by khungtaskd/1654:
 #0: ffffffff8b97c280 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446
2 locks held by systemd-journal/4858:
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:460 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1307 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1610 [inline]
 #0: ffff8880b9d51b18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x233/0x26f0 kernel/sched/core.c:5852
 #1: ffff8880b9d1f9c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39d/0x480 kernel/sched/psi.c:880
1 lock held by in:imklog/8146:
1 lock held by systemd-udevd/13187:
 #0: ffff88801dc24518 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev.part.0+0x9d/0xdd0 fs/block_dev.c:1410
1 lock held by syz-executor.0/16527:
 #0: ffff88801dc24518 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xa0/0xae0 fs/block_dev.c:1534

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1654 Comm: khungtaskd Not tainted 5.14.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:105
 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
 watchdog+0xd0a/0xfc0 kernel/hung_task.c:295
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 32 Comm: kworker/u4:2 Not tainted 5.14.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: phy3 ieee80211_iface_work
RIP: 0010:rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1208 [inline]
RIP: 0010:rcu_lockdep_current_cpu_online+0x62/0x150 kernel/rcu/tree.c:1199
Code: c5 0f 87 f5 00 00 00 48 8d 3c ed 80 58 31 8b 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ad 00 00 00 <48> 03 1c ed 80 58 31 8b 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 18
RSP: 0018:ffffc90000e6f9a8 EFLAGS: 00000046
RAX: dffffc0000000000 RBX: 0000000000052980 RCX: ffffffff815b2948
RDX: 1ffffffff1662b11 RSI: 0000000000000003 RDI: ffffffff8b315888
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8d6c8257
R10: fffffbfff1ad904a R11: 000000000000003f R12: 0000000000000001
R13: 0000000000000000 R14: ffffffff904573b0 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007faad4da3000 CR3: 0000000026cfc000 CR4: 0000000000350ee0
Call Trace:
 rcu_read_lock_held_common kernel/rcu/update.c:112 [inline]
 rcu_read_lock_held_common kernel/rcu/update.c:102 [inline]
 rcu_read_lock_sched_held+0x25/0x70 kernel/rcu/update.c:123
 trace_lock_acquire include/trace/events/lock.h:13 [inline]
 lock_acquire+0x442/0x510 kernel/locking/lockdep.c:5596
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159
 __debug_check_no_obj_freed lib/debugobjects.c:975 [inline]
 debug_check_no_obj_freed+0xc7/0x420 lib/debugobjects.c:1018
 slab_free_hook mm/slub.c:1603 [inline]
 slab_free_freelist_hook+0x175/0x250 mm/slub.c:1653
 slab_free mm/slub.c:3213 [inline]
 kfree+0xe4/0x540 mm/slub.c:4267
 skb_free_head net/core/skbuff.c:654 [inline]
 skb_release_data+0x65a/0x790 net/core/skbuff.c:676
 skb_release_all net/core/skbuff.c:741 [inline]
 __kfree_skb net/core/skbuff.c:755 [inline]
 kfree_skb net/core/skbuff.c:773 [inline]
 kfree_skb+0x133/0x3f0 net/core/skbuff.c:767
 ieee80211_iface_work+0x3ee/0xa40 net/mac80211/iface.c:1464
 process_one_work+0x98d/0x1630 kernel/workqueue.c:2276
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2422
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	0f 87 f5 00 00 00    	ja     0xfb
   6:	48 8d 3c ed 80 58 31 	lea    -0x74cea780(,%rbp,8),%rdi
   d:	8b
   e:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  15:	fc ff df
  18:	48 89 fa             	mov    %rdi,%rdx
  1b:	48 c1 ea 03          	shr    $0x3,%rdx
  1f:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  23:	0f 85 ad 00 00 00    	jne    0xd6
* 29:	48 03 1c ed 80 58 31 	add    -0x74cea780(,%rbp,8),%rbx <-- trapping instruction
  30:	8b
  31:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  38:	fc ff df
  3b:	48 8d 7b 18          	lea    0x18(%rbx),%rdi