INFO: task syz-executor.4:6256 blocked for more than 143 seconds.
      Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.4  state:D stack:0     pid:6256  tgid:6256  ppid:1      flags:0x0000000c
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x14bc/0x24ec kernel/sched/core.c:6746
 __schedule_loop kernel/sched/core.c:6823 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6838
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684
 __mutex_lock kernel/locking/mutex.c:752 [inline]
 mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804
 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
 hci_unregister_dev+0x304/0x4a8 net/bluetooth/hci_core.c:2790
 vhci_release+0x7c/0xd0 drivers/bluetooth/hci_vhci.c:674
 __fput+0x30c/0x738 fs/file_table.c:422
 ____fput+0x20/0x30 fs/file_table.c:450
 task_work_run+0x230/0x2e0 kernel/task_work.c:180
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0x4e4/0x1ac8 kernel/exit.c:878
 do_group_exit+0x194/0x22c kernel/exit.c:1027
 __do_sys_exit_group kernel/exit.c:1038 [inline]
 __se_sys_exit_group kernel/exit.c:1036 [inline]
 pid_child_should_wake+0x0/0x1dc kernel/exit.c:1036
 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task kworker/0:6:6307 blocked for more than 143 seconds.
      Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:6     state:D stack:0     pid:6307  tgid:6307  ppid:2      flags:0x00000008
Workqueue: events rfkill_global_led_trigger_worker
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x14bc/0x24ec kernel/sched/core.c:6746
 __schedule_loop kernel/sched/core.c:6823 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6838
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684
 __mutex_lock kernel/locking/mutex.c:752 [inline]
 mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804
 rfkill_global_led_trigger_worker+0x30/0xe4 net/rfkill/core.c:182
 process_one_work+0x7b8/0x15d4 kernel/workqueue.c:3254
 process_scheduled_works kernel/workqueue.c:3335 [inline]
 worker_thread+0x938/0xef4 kernel/workqueue.c:3416
 kthread+0x288/0x310 kernel/kthread.c:388
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task syz-executor.3:6451 blocked for more than 143 seconds.
      Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3  state:D stack:0     pid:6451  tgid:6451  ppid:6261   flags:0x0000000d
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x14bc/0x24ec kernel/sched/core.c:6746
 __schedule_loop kernel/sched/core.c:6823 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6838
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684
 __mutex_lock kernel/locking/mutex.c:752 [inline]
 mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804
 rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
 nfc_unregister_device+0x98/0x290 net/nfc/core.c:1167
 nci_unregister_device+0x1dc/0x21c net/nfc/nci/core.c:1312
 virtual_ncidev_close+0x5c/0xa0 drivers/nfc/virtual_ncidev.c:168
 __fput+0x30c/0x738 fs/file_table.c:422
 __fput_sync+0x60/0x9c fs/file_table.c:507
 __do_sys_close fs/open.c:1556 [inline]
 __se_sys_close fs/open.c:1541 [inline]
 __arm64_sys_close+0x150/0x1e0 fs/open.c:1541
 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz-executor.0:6487 blocked for more than 143 seconds.
      Not tainted 6.9.0-rc3-syzkaller-gb5d2afe8745b #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:0     pid:6487  tgid:6486  ppid:6259   flags:0x0000000d
Call trace:
 __switch_to+0x314/0x560 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5409 [inline]
 __schedule+0x14bc/0x24ec kernel/sched/core.c:6746
 __schedule_loop kernel/sched/core.c:6823 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6838
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6895
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:684
 __mutex_lock kernel/locking/mutex.c:752 [inline]
 mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:804
 device_lock include/linux/device.h:990 [inline]
 nfc_dev_down net/nfc/core.c:143 [inline]
 nfc_rfkill_set_block+0x50/0x2d0 net/nfc/core.c:179
 rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
 rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
 vfs_write+0x3c0/0xc3c fs/read_write.c:588
 ksys_write+0x15c/0x26c fs/read_write.c:643
 __do_sys_write fs/read_write.c:655 [inline]
 __se_sys_write fs/read_write.c:652 [inline]
 __arm64_sys_write+0x7c/0x90 fs/read_write.c:652
 __invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffff80008f057880 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:328
3 locks held by kworker/u8:8/526:
 #0: ffff0001b3de2c98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:559 [inline]
 #0: ffff0001b3de2c98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1385 [inline]
 #0: ffff0001b3de2c98 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1699 [inline]
 #0: ffff0001b3de2c98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2e0/0x24ec kernel/sched/core.c:6654
 #1: ffff0001b3dccc88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3c0/0x618 kernel/sched/psi.c:988
 #2: ffff0001b3dcea58 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x230 kernel/time/timer.c:1052
2 locks held by getty/6002:
 #0: ffff0000d29540a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff800097b9b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41c/0x1228 drivers/tty/n_tty.c:2201
1 lock held by syz-executor.1/6253:
 #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
1 lock held by syz-executor.4/6256:
 #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
1 lock held by syz-executor.2/6264:
 #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
3 locks held by kworker/0:6/6307:
 #0: ffff0000c0028948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x668/0x15d4 kernel/workqueue.c:3228
 #1: ffff8000a9797c20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x6b4/0x15d4 kernel/workqueue.c:3228
 #2: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x30/0xe4 net/rfkill/core.c:182
2 locks held by syz-executor.3/6451:
 #0: ffff0000ea530100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:990 [inline]
 #0: ffff0000ea530100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x6c/0x290 net/nfc/core.c:1165
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 net/rfkill/core.c:1149
2 locks held by syz-executor.0/6487:
 #0: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734 net/rfkill/core.c:1297
 #1: ffff0000ea530100 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:990 [inline]
 #1: ffff0000ea530100 (&dev->mutex){....}-{3:3}, at: nfc_dev_down net/nfc/core.c:143 [inline]
 #1: ffff0000ea530100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2d0 net/nfc/core.c:179
2 locks held by syz-executor.1/6624:
 #0: ffff0000cc79d918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.3/6650:
 #0: ffff0000d6f37118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.0/6682:
 #0: ffff0000da25c118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.4/6797:
 #0: ffff0000cecfb918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.2/6883:
 #0: ffff0000dc230118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.1/6886:
 #0: ffff0000cc6e1118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.3/6889:
 #0: ffff0000cd81d118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.0/6891:
 #0: ffff0000c86ea918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.4/6893:
 #0: ffff0000c2df5918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075
2 locks held by syz-executor.2/6896:
 #0: ffff0000ef17d918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x44/0x700 drivers/bluetooth/hci_vhci.c:479
 #1: ffff800091e90c28 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x44/0x7d4 net/rfkill/core.c:1075

=============================================