INFO: task kworker/u9:0:11857 blocked for more than 430 seconds. Not tainted 6.16.0-rc1-syzkaller-gfda589c28604 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/u9:0 state:D stack:0 pid:11857 tgid:11857 ppid:2 task_flags:0x4208060 flags:0x00000000 Workqueue: ib-unreg-wq ib_unregister_work Call Trace: [] context_switch kernel/sched/core.c:5396 [inline] [] __schedule+0x1022/0x4094 kernel/sched/core.c:6785 [] __schedule_loop kernel/sched/core.c:6863 [inline] [] schedule+0xc4/0x35e kernel/sched/core.c:6878 [] schedule_timeout+0x1c6/0x2ae kernel/time/sleep_timeout.c:75 [] do_wait_for_common kernel/sched/completion.c:95 [inline] [] __wait_for_common+0x1d2/0x3e8 kernel/sched/completion.c:116 [] wait_for_common kernel/sched/completion.c:127 [inline] [] wait_for_completion+0x1a/0x22 kernel/sched/completion.c:148 [] disable_device+0x1b2/0x2ba drivers/infiniband/core/device.c:1288 [] __ib_unregister_device+0x28e/0x402 drivers/infiniband/core/device.c:1518 [] ib_unregister_work+0x20/0x36 drivers/infiniband/core/device.c:1630 [] process_one_work+0x96a/0x1f32 kernel/workqueue.c:3238 [] process_scheduled_works kernel/workqueue.c:3321 [inline] [] worker_thread+0x5ce/0xde8 kernel/workqueue.c:3402 [] kthread+0x39c/0x7d4 kernel/kthread.c:464 [] ret_from_fork_kernel+0x2a/0xbb2 arch/riscv/kernel/process.c:214 [] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:327 Showing all locks held in the system: 1 lock held by khungtaskd/37: #0: ffffffff883dc420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2a/0x1a0 kernel/locking/lockdep.c:6766 2 locks held by syslogd/3001: 2 locks held by getty/3157: #0: ffffaf8018bf20a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x46 drivers/tty/tty_ldsem.c:340 #1: ffff8f800008e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x3e4/0x12b6 drivers/tty/n_tty.c:2222 2 locks held by syz-executor/3187: 3 locks held by kworker/0:2/3189: 4 locks held by syz-executor/3195: 3 locks held by kworker/u8:2/3256: #0: ffffaf80126e2148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x848/0x1f32 kernel/workqueue.c:3213 #1: ffff8f800ccd7b70 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x870/0x1f32 kernel/workqueue.c:3213 #2: ffffffff89855570 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xcc/0x7ce net/core/net_namespace.c:662 3 locks held by kworker/u10:4/8154: 3 locks held by kworker/u9:0/11857: #0: ffffaf8011f3c948 ((wq_completion)ib-unreg-wq){+.+.}-{0:0}, at: process_one_work+0x848/0x1f32 kernel/workqueue.c:3213 #1: ffff8f8000ad7b70 ((work_completion)(&device->unregistration_work)){+.+.}-{0:0}, at: process_one_work+0x870/0x1f32 kernel/workqueue.c:3213 #2: ffffaf801f0346d0 (&device->unregistration_lock){+.+.}-{4:4}, at: __ib_unregister_device+0x200/0x402 drivers/infiniband/core/device.c:1514 3 locks held by kworker/u9:1/12365: #0: ffffaf806ed3b0d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:606 [inline] #0: ffffaf806ed3b0d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1532 [inline] #0: ffffaf806ed3b0d8 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1856 [inline] #0: ffffaf806ed3b0d8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x304/0x4094 kernel/sched/core.c:6709 #1: ffffaf806ed25688 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x22a/0x718 kernel/sched/psi.c:987 #2: ffffaf806ed27098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x156/0x1f4 kernel/time/timer.c:1004 3 locks held by syz.2.4112/14014: ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-gfda589c28604 #0 PREEMPT Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:132 [] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:138 [] __dump_stack lib/dump_stack.c:94 [inline] [] dump_stack_lvl+0x12e/0x1a6 lib/dump_stack.c:120 [] dump_stack+0x1c/0x24 lib/dump_stack.c:129 [] nmi_cpu_backtrace+0x3b0/0x3b2 lib/nmi_backtrace.c:113 [] nmi_trigger_cpumask_backtrace+0x2b6/0x458 lib/nmi_backtrace.c:62 [] arch_trigger_cpumask_backtrace+0x2c/0x3c arch/riscv/kernel/smp.c:350 [] trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:307 [inline] [] watchdog+0xcf2/0x11de kernel/hung_task.c:470 [] kthread+0x39c/0x7d4 kernel/kthread.c:464 [] ret_from_fork_kernel+0x2a/0xbb2 arch/riscv/kernel/process.c:214 [] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:327 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 3187 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-gfda589c28604 #0 PREEMPT Hardware name: riscv-virtio,qemu (DT) epc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] epc : _raw_spin_unlock_irqrestore+0x36/0xd4 kernel/locking/spinlock.c:194 ra : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] ra : _raw_spin_unlock_irqrestore+0x86/0xd4 kernel/locking/spinlock.c:194 epc : ffffffff86348bd2 ra : ffffffff86348c22 sp : ffff8f8007776de0 gp : ffffffff89c83e20 tp : ffffaf8019c9cec0 t0 : ffff8f8007776ec0 t1 : fffffffef21f134a t2 : ffffaf806ed256c0 s0 : ffff8f8007776e00 s1 : 0000000000000002 a0 : 0000000000000000 a1 : ffffffff87d71d08 a2 : 0000000000000007 a3 : 0000000000000001 a4 : 0000000000000001 a5 : 0000000000000000 a6 : 0000000000000003 a7 : ffffffff90f89a53 s2 : ffffffff90f89a50 s3 : dead000000000100 s4 : dead000000000122 s5 : dfffffff00000000 s6 : ffffaf803ff76000 s7 : ffffaf803ff75000 s8 : 0000000000000002 s9 : 0000000000000002 s10: ffffaf803ff76000 s11: ffffaf803ff75000 t3 : d09dfecc00000000 t4 : fffffffef21f134a t5 : fffffffef21f134b t6 : 0000000000000002 status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001 [] arch_local_irq_restore arch/riscv/include/asm/irqflags.h:51 [inline] [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] [] _raw_spin_unlock_irqrestore+0x36/0xd4 kernel/locking/spinlock.c:194 [] __debug_check_no_obj_freed lib/debugobjects.c:1108 [inline] [] debug_check_no_obj_freed+0x26a/0x4fc lib/debugobjects.c:1129 [] free_pages_prepare mm/page_alloc.c:1255 [inline] [] free_unref_folios+0x4ac/0x1d2c mm/page_alloc.c:2763 [] folios_put_refs+0x418/0x5fa mm/swap.c:992 [] free_pages_and_swap_cache+0x268/0x490 mm/swap_state.c:264 [] __tlb_batch_free_encoded_pages+0x100/0x2b2 mm/mmu_gather.c:136 [] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] [] tlb_flush_mmu_free mm/mmu_gather.c:397 [inline] [] tlb_flush_mmu+0xe2/0x604 mm/mmu_gather.c:404 [] zap_pte_range mm/memory.c:1774 [inline] [] zap_pmd_range mm/memory.c:1827 [inline] [] zap_pud_range mm/memory.c:1856 [inline] [] zap_p4d_range mm/memory.c:1877 [inline] [] unmap_page_range+0x183e/0x3466 mm/memory.c:1898 [] unmap_single_vma.constprop.0+0x13c/0x232 mm/memory.c:1941 [] unmap_vmas+0x1e8/0x40a mm/memory.c:1985 [] exit_mmap+0x18c/0xd00 mm/mmap.c:1284 [] __mmput+0x108/0x3c0 kernel/fork.c:1121 [] mmput+0x74/0x88 kernel/fork.c:1144 [] exit_mm kernel/exit.c:581 [inline] [] do_exit+0x7b4/0x28ca kernel/exit.c:943 [] do_group_exit+0xd4/0x26c kernel/exit.c:1104 [] __do_sys_exit_group kernel/exit.c:1115 [inline] [] __se_sys_exit_group kernel/exit.c:1113 [inline] [] __riscv_sys_exit_group+0x4a/0x54 kernel/exit.c:1113 [] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:112 [] do_trap_ecall_u+0x396/0x530 arch/riscv/kernel/traps.c:341 [] handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197