INFO: task kworker/0:1:9 blocked for more than 162 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:1 state:D stack:21392 pid:9 tgid:9 ppid:2 flags:0x00004000 Workqueue: events switchdev_deferred_process_work Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 INFO: task kworker/u8:4:62 blocked for more than 163 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:4 state:D stack:19504 pid:62 tgid:62 ppid:2 flags:0x00004000 Workqueue: ipv6_addrconf addrconf_dad_work Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4196 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 INFO: task kworker/u8:8:2979 blocked for more than 163 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:8 state:D stack:19736 pid:2979 tgid:2979 ppid:2 flags:0x00004000 Workqueue: events_unbound linkwatch_event Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 linkwatch_event+0xe/0x60 net/core/link_watch.c:276 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 INFO: task dhcpcd:5497 blocked for more than 164 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:dhcpcd state:D stack:20096 pid:5497 tgid:5497 ppid:5496 flags:0x00000002 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 devinet_ioctl+0x2ce/0x1aa0 net/ipv4/devinet.c:1112 inet_ioctl+0x3d7/0x4f0 net/ipv4/af_inet.c:1003 sock_do_ioctl+0x158/0x460 net/socket.c:1227 sock_ioctl+0x626/0x8e0 net/socket.c:1346 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa801c7bd49 RSP: 002b:00007ffc1f0dd548 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fa801bad6c0 RCX: 00007fa801c7bd49 RDX: 00007ffc1f0ed738 RSI: 0000000000008914 RDI: 0000000000000008 RBP: 00007ffc1f0fd8f8 R08: 00007ffc1f0ed6f8 R09: 00007ffc1f0ed6a8 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc1f0ed738 R14: 0000000000000028 R15: 0000000000008914 INFO: task kworker/u8:12:8907 blocked for more than 164 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:12 state:D stack:22096 pid:8907 tgid:8907 ppid:2 flags:0x00004000 Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 ieee80211_unregister_hw+0x55/0x2c0 net/mac80211/main.c:1662 mac80211_hwsim_del_radio+0x2c4/0x4c0 drivers/net/wireless/virtual/mac80211_hwsim.c:5625 hwsim_exit_net+0x5c1/0x670 drivers/net/wireless/virtual/mac80211_hwsim.c:6505 ops_exit_list net/core/net_namespace.c:173 [inline] cleanup_net+0x802/0xcc0 net/core/net_namespace.c:626 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 INFO: task syz-executor:9020 blocked for more than 164 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:20504 pid:9020 tgid:9020 ppid:1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 rtnl_lock net/core/rtnetlink.c:79 [inline] rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:744 __sys_sendto+0x39b/0x4f0 net/socket.c:2214 __do_sys_sendto net/socket.c:2226 [inline] __se_sys_sendto net/socket.c:2222 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f44b59805ac RSP: 002b:00007ffed5e0a2b0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f44b6664620 RCX: 00007f44b59805ac RDX: 000000000000002c RSI: 00007f44b6664670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007ffed5e0a304 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007f44b6664670 R15: 0000000000000000 INFO: task syz-executor:9463 blocked for more than 165 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:21040 pid:9463 tgid:9463 ppid:1 flags:0x00000004 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 rtnl_lock net/core/rtnetlink.c:79 [inline] rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:744 __sys_sendto+0x39b/0x4f0 net/socket.c:2214 __do_sys_sendto net/socket.c:2226 [inline] __se_sys_sendto net/socket.c:2222 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcf2dd805ac RSP: 002b:00007ffe190c1fd0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fcf2ea64620 RCX: 00007fcf2dd805ac RDX: 0000000000000040 RSI: 00007fcf2ea64670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007ffe190c2024 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007fcf2ea64670 R15: 0000000000000000 INFO: task syz-executor:9890 blocked for more than 165 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:21168 pid:9890 tgid:9890 ppid:9881 flags:0x00000000 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 rtnl_lock net/core/rtnetlink.c:79 [inline] rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:744 __sys_sendto+0x39b/0x4f0 net/socket.c:2214 __do_sys_sendto net/socket.c:2226 [inline] __se_sys_sendto net/socket.c:2222 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcea77805ac RSP: 002b:00007fff9efcea30 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fcea8464620 RCX: 00007fcea77805ac RDX: 0000000000000028 RSI: 00007fcea8464670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007fff9efcea84 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007fcea8464670 R15: 0000000000000000 INFO: task syz-executor:10113 blocked for more than 165 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:24128 pid:10113 tgid:10113 ppid:10100 flags:0x00000000 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 rtnl_lock net/core/rtnetlink.c:79 [inline] rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:744 __sys_sendto+0x39b/0x4f0 net/socket.c:2214 __do_sys_sendto net/socket.c:2226 [inline] __se_sys_sendto net/socket.c:2222 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa26db805ac RSP: 002b:00007ffdfdc24ca0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fa26e864620 RCX: 00007fa26db805ac RDX: 0000000000000028 RSI: 00007fa26e864670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007ffdfdc24cf4 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007fa26e864670 R15: 0000000000000000 INFO: task syz-executor:10115 blocked for more than 165 seconds. Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:24128 pid:10115 tgid:10115 ppid:10103 flags:0x00000000 Call Trace: context_switch kernel/sched/core.c:5328 [inline] __schedule+0x185a/0x4b70 kernel/sched/core.c:6690 __schedule_loop kernel/sched/core.c:6767 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6782 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6839 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x6a7/0xd70 kernel/locking/mutex.c:752 rtnl_lock net/core/rtnetlink.c:79 [inline] rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:744 __sys_sendto+0x39b/0x4f0 net/socket.c:2214 __do_sys_sendto net/socket.c:2226 [inline] __se_sys_sendto net/socket.c:2222 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbbddd805ac RSP: 002b:00007fff613719a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fbbdea64620 RCX: 00007fbbddd805ac RDX: 0000000000000028 RSI: 00007fbbdea64670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007fff613719f4 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007fbbdea64670 R15: 0000000000000000 Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings Showing all locks held in the system: 3 locks held by kworker/0:1/9: #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3204 [inline] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 kernel/workqueue.c:3310 #1: ffffc900000e7d00 (deferred_process_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3205 [inline] #1: ffffc900000e7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 kernel/workqueue.c:3310 #2: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 net/switchdev/switchdev.c:104 1 lock held by khungtaskd/30: #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6720 3 locks held by kworker/u8:4/62: #0: ffff888030725948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3204 [inline] #0: ffff888030725948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 kernel/workqueue.c:3310 #1: ffffc900015d7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3205 [inline] #1: ffffc900015d7d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 kernel/workqueue.c:3310 #2: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 net/ipv6/addrconf.c:4196 4 locks held by kworker/u8:8/2979: 2 locks held by klogd/5192: 4 locks held by udevd/5203: 1 lock held by dhcpcd/5497: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0 net/ipv4/devinet.c:1112 2 locks held by getty/5598: #0: ffff8880353520a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 drivers/tty/n_tty.c:2211 1 lock held by syz-executor/5819: 1 lock held by syz-executor/5830: #0: ffffffff8e93d200 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x530 kernel/rcu/tree.c:4562 4 locks held by kworker/u8:12/8907: #0: ffff88801baeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3204 [inline] #0: ffff88801baeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 kernel/workqueue.c:3310 #1: ffffc9001803fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3205 [inline] #1: ffffc9001803fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 kernel/workqueue.c:3310 #2: ffffffff8fcb4390 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 net/core/net_namespace.c:580 #3: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0 net/mac80211/main.c:1662 1 lock held by syz-executor/9020: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 1 lock held by syz-executor/9463: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 1 lock held by syz-executor/9890: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 1 lock held by syz-executor/10113: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 1 lock held by syz-executor/10115: #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcc0e88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 net/core/rtnetlink.c:6672 2 locks held by kworker/u8:14/10118: 4 locks held by syz-executor/10122: ============================================= NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline] watchdog+0xff4/0x1040 kernel/hung_task.c:379 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 2979 Comm: kworker/u8:8 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events_unbound linkwatch_event RIP: 0010:unwind_next_frame+0x1627/0x22d0 arch/x86/kernel/unwind_orc.c:641 Code: 04 2b 84 c0 0f 85 82 08 00 00 48 8b 44 24 28 0f b7 30 c1 ee 04 83 e6 0f 83 fe 04 0f 84 d0 00 00 00 83 fe 01 0f 84 28 01 00 00 <85> f6 0f 85 cb 02 00 00 48 8b 44 24 38 80 3c 28 00 74 08 4c 89 ff RSP: 0018:ffffc9000b0bee10 EFLAGS: 00000297 RAX: ffffffff91228d6e RBX: 1ffffffff22451ad RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000b0bef40 RBP: dffffc0000000000 R08: ffffc9000b0bef3f R09: 0000000000000000 R10: ffffc9000b0bef30 R11: fffff52001617de8 R12: ffffc9000b0c0000 R13: ffffc9000b0beee0 R14: ffffffff8993acdf R15: ffffc9000b0bef30 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f28c3726850 CR3: 000000007d2f6000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122 save_stack+0xfb/0x1f0 mm/page_owner.c:156 __reset_page_owner+0x76/0x430 mm/page_owner.c:297 reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_page+0xcd0/0xf00 mm/page_alloc.c:2638 __slab_free+0x31b/0x3d0 mm/slub.c:4490 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385 kasan_kmalloc include/linux/kasan.h:257 [inline] __do_kmalloc_node mm/slub.c:4264 [inline] __kmalloc_noprof+0x1fc/0x400 mm/slub.c:4276 kmalloc_noprof include/linux/slab.h:882 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155 ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3761 ip6_route_add+0x28/0x160 net/ipv6/route.c:3853 addrconf_add_mroute net/ipv6/addrconf.c:2550 [inline] addrconf_add_dev+0x35b/0x540 net/ipv6/addrconf.c:2568 addrconf_dev_config net/ipv6/addrconf.c:3484 [inline] addrconf_init_auto_addrs+0x85f/0xeb0 net/ipv6/addrconf.c:3572 addrconf_notify+0xaff/0x1020 net/ipv6/addrconf.c:3745 notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93 netdev_state_change+0x11f/0x1a0 net/core/dev.c:1378 linkwatch_do_dev+0x112/0x170 net/core/link_watch.c:177 __linkwatch_run_queue+0x44f/0x6c0 net/core/link_watch.c:234 linkwatch_event+0x4c/0x60 net/core/link_watch.c:277 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244