INFO: task kworker/1:1:26 blocked for more than 146 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/1:1 state:D stack:0 pid:26 tgid:26 ppid:2 task_flags:0x4208060 flags:0x00000010 Workqueue: events reg_todo Call trace: __switch_to+0x2b0/0x6e0 arch/arm64/kernel/process.c:810 (T) context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1bec/0x2dcc kernel/sched/core.c:7189 __schedule_loop kernel/sched/core.c:7268 [inline] schedule+0x140/0x218 kernel/sched/core.c:7283 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:7340 __mutex_lock_common kernel/locking/mutex.c:726 [inline] __mutex_lock+0x4e4/0xef8 kernel/locking/mutex.c:820 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:873 class_wiphy_constructor include/net/cfg80211.h:6645 [inline] reg_process_self_managed_hints+0x94/0x1c0 net/wireless/reg.c:3192 reg_todo+0x604/0x69c net/wireless/reg.c:3205 process_one_work kernel/workqueue.c:3314 [inline] process_scheduled_works+0x79c/0x1098 kernel/workqueue.c:3397 worker_thread+0x754/0xba0 kernel/workqueue.c:3478 kthread+0x2f8/0x3c8 kernel/kthread.c:436 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:842 INFO: task kworker/u8:3:40 blocked for more than 146 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:3 state:D stack:0 pid:40 tgid:40 ppid:2 task_flags:0x4208060 flags:0x00000010 Workqueue: netns cleanup_net Call trace: __switch_to+0x2b0/0x6e0 arch/arm64/kernel/process.c:810 (T) context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1bec/0x2dcc kernel/sched/core.c:7189 __schedule_loop kernel/sched/core.c:7268 [inline] schedule+0x140/0x218 kernel/sched/core.c:7283 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:7340 __mutex_lock_common kernel/locking/mutex.c:726 [inline] __mutex_lock+0x4e4/0xef8 kernel/locking/mutex.c:820 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:873 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 nsim_destroy+0x140/0x5e4 drivers/net/netdevsim/netdev.c:1188 __nsim_dev_port_del+0x134/0x1e4 drivers/net/netdevsim/dev.c:1547 nsim_dev_port_del_all drivers/net/netdevsim/dev.c:1561 [inline] nsim_dev_reload_destroy+0x138/0x208 drivers/net/netdevsim/dev.c:1785 nsim_dev_reload_down+0x9c/0xd4 drivers/net/netdevsim/dev.c:1038 devlink_reload+0x194/0x648 net/devlink/dev.c:462 devlink_pernet_pre_exit+0x1a0/0x30c net/devlink/core.c:558 ops_pre_exit_list net/core/net_namespace.c:161 [inline] ops_undo_list+0x154/0x818 net/core/net_namespace.c:234 cleanup_net+0x470/0x6b8 net/core/net_namespace.c:702 process_one_work kernel/workqueue.c:3314 [inline] process_scheduled_works+0x79c/0x1098 kernel/workqueue.c:3397 worker_thread+0x754/0xba0 kernel/workqueue.c:3478 kthread+0x2f8/0x3c8 kernel/kthread.c:436 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:842 INFO: task kworker/u8:4:254 blocked for more than 146 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:4 state:D stack:0 pid:254 tgid:254 ppid:2 task_flags:0x4208060 flags:0x00000010 Workqueue: cfg80211 cfg80211_dfs_channels_update_work Call trace: __switch_to+0x2b0/0x6e0 arch/arm64/kernel/process.c:810 (T) context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1bec/0x2dcc kernel/sched/core.c:7189 __schedule_loop kernel/sched/core.c:7268 [inline] schedule+0x140/0x218 kernel/sched/core.c:7283 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:7340 __mutex_lock_common kernel/locking/mutex.c:726 [inline] __mutex_lock+0x4e4/0xef8 kernel/locking/mutex.c:820 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:873 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 cfg80211_dfs_channels_update_work+0xac/0x55c net/wireless/mlme.c:1045 process_one_work kernel/workqueue.c:3314 [inline] process_scheduled_works+0x79c/0x1098 kernel/workqueue.c:3397 worker_thread+0x754/0xba0 kernel/workqueue.c:3478 kthread+0x2f8/0x3c8 kernel/kthread.c:436 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:842 INFO: task kworker/u8:6:4742 blocked for more than 146 seconds. Not tainted syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u8:6 state:D stack:0 pid:4742 tgid:4742 ppid:2 task_flags:0x4208060 flags:0x00000010 Workqueue: events_power_efficient crda_timeout_work Call trace: __switch_to+0x2b0/0x6e0 arch/arm64/kernel/process.c:810 (T) context_switch kernel/sched/core.c:5388 [inline] __schedule+0x1bec/0x2dcc kernel/sched/core.c:7189 __schedule_loop kernel/sched/core.c:7268 [inline] schedule+0x140/0x218 kernel/sched/core.c:7283 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:7340 __mutex_lock_common kernel/locking/mutex.c:726 [inline] __mutex_lock+0x4e4/0xef8 kernel/locking/mutex.c:820 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:873 rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 crda_timeout_work+0x20/0x90 net/wireless/reg.c:529 process_one_work kernel/workqueue.c:3314 [inline] process_scheduled_works+0x79c/0x1098 kernel/workqueue.c:3397 worker_thread+0x754/0xba0 kernel/workqueue.c:3478 kthread+0x2f8/0x3c8 kernel/kthread.c:436 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:842 Showing all locks held in the system: 3 locks held by kworker/u8:0/12: 2 locks held by kworker/u8:1/15: 4 locks held by kworker/1:1/26: #0: ffff0000c002b540 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c002b540 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff80008eba7c40 (reg_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff80008eba7c40 (reg_work){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 #3: ffff0000dc9b0780 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6645 [inline] #3: ffff0000dc9b0780 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_process_self_managed_hints+0x94/0x1c0 net/wireless/reg.c:3192 1 lock held by khungtaskd/31: #0: ffff800088b67360 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:300 [inline] #0: ffff800088b67360 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline] #0: ffff800088b67360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x4c/0x188 kernel/locking/lockdep.c:6775 6 locks held by kworker/u8:3/40: #0: ffff0000c004e140 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c004e140 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff800090007c40 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff800090007c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c2fcc8 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x100/0x6b8 net/core/net_namespace.c:673 #3: ffff0000f2c8e128 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:1040 [inline] #3: ffff0000f2c8e128 (&dev->mutex){....}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:124 [inline] #3: ffff0000f2c8e128 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0xfc/0x30c net/devlink/core.c:555 #4: ffff0000f2c8d258 (&devlink->lock_key#3){+.+.}-{4:4}, at: devl_lock net/devlink/core.c:292 [inline] #4: ffff0000f2c8d258 (&devlink->lock_key#3){+.+.}-{4:4}, at: devl_dev_lock net/devlink/devl_internal.h:125 [inline] #4: ffff0000f2c8d258 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x110/0x30c net/devlink/core.c:555 #5: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 1 lock held by pr/ttyAMA-1/41: 3 locks held by kworker/u8:4/254: #0: ffff0000c45db140 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c45db140 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff800092277c40 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff800092277c40 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 2 locks held by kworker/u8:5/635: 3 locks held by kworker/R-ipv6_/2818: #0: ffff0000cede4140 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000cede4140 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff800099607c00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff800099607c00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 1 lock held by dhcpcd/4393: #0: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 2 locks held by getty/4484: #0: ffff0000cfa460a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 #1: ffff80009232e2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x354/0xf84 drivers/tty/n_tty.c:2211 1 lock held by syz-executor/4690: 1 lock held by udevd/4692: 1 lock held by syz-executor/4715: 3 locks held by kworker/u8:6/4742: #0: ffff0000c004b940 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c004b940 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff800096837c40 ((crda_timeout).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff800096837c40 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 3 locks held by kworker/u8:7/4870: 4 locks held by syz.0.72/5267: #0: ffff0000dc77cea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x2c/0xb8 net/bluetooth/hci_core.c:500 #1: ffff0000dc77c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x45c/0xe48 net/bluetooth/hci_sync.c:5366 #2: ffff800089d9d0e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:2151 [inline] #2: ffff800089d9d0e0 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xb0/0x238 net/bluetooth/hci_conn.c:2736 #3: ffff0000d3c0d2f8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x88/0x440 net/bluetooth/l2cap_core.c:1779 3 locks held by kworker/u8:9/5332: 2 locks held by kworker/u8:10/5333: 3 locks held by kworker/u8:11/5334: 3 locks held by kworker/u8:13/5336: 4 locks held by kworker/u8:14/5337: #0: ffff0000d3f58940 ((wq_completion)ext4-rsv-conversion){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000d3f58940 ((wq_completion)ext4-rsv-conversion){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff80009afa7c40 ((work_completion)(&ei->i_rsv_conversion_work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff80009afa7c40 ((work_completion)(&ei->i_rsv_conversion_work)){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff0000d4092938 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1a08/0x1c10 fs/jbd2/transaction.c:442 #3: ffff0000dd16c378 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x4f8/0xbe0 fs/ext4/inode.c:823 3 locks held by kworker/u8:15/5338: 3 locks held by kworker/u8:16/5339: #0: ffff0000c004b940 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c004b940 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff80009a267c40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff80009a267c40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff800089c3d1c0 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80 3 locks held by kworker/u8:17/5340: 6 locks held by kworker/u8:18/5341: #0: ffff0000c1f19140 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #0: ffff0000c1f19140 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x748/0x1098 kernel/workqueue.c:3397 #1: ffff80009a247c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3289 [inline] #1: ffff80009a247c40 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x750/0x1098 kernel/workqueue.c:3397 #2: ffff0000d40960d8 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x24/0xdc fs/super.c:565 #3: ffff0000d4094c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: percpu_down_read include/linux/percpu-rwsem.h:77 [inline] #3: ffff0000d4094c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages_down_read fs/ext4/ext4.h:1811 [inline] #3: ffff0000d4094c18 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x16c/0x2d8 fs/ext4/inode.c:3041 #4: ffff0000d4092938 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1a08/0x1c10 fs/jbd2/transaction.c:442 #5: ffff0000dd16c378 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x4f8/0xbe0 fs/ext4/inode.c:823 4 locks held by kworker/u8:19/5342: 3 locks held by kworker/u8:20/5343: 4 locks held by kworker/u8:21/5344: 3 locks held by kworker/u8:22/5345: 3 locks held by kworker/u8:23/5346: 1 lock held by syz-executor/5456: 1 lock held by syz-executor/6217: 4 locks held by kworker/u8:24/6236: 4 locks held by kworker/u8:25/6237: 7 locks held by kworker/u8:26/6238: 4 locks held by kworker/u8:27/6239: =============================================