INFO: task syz.3.222:7161 blocked for more than 154 seconds.
      Not tainted 6.15.0-rc1-syzkaller-g0af2f6be1b42 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.222 state:D stack:0 pid:7161 tgid:7135 ppid:6488 task_flags:0x400140 flags:0x0000080d
Call trace:
 __switch_to+0x414/0x788 arch/arm64/kernel/process.c:701 (T)
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x16a4/0x2c80 kernel/sched/core.c:6767
 __schedule_loop kernel/sched/core.c:6845 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6860
 __lock_sock+0x168/0x2d4 net/core/sock.c:3134
 lock_sock_nested+0xa4/0x11c net/core/sock.c:3702
 lock_sock include/net/sock.h:1615 [inline]
 inet_wait_for_connect net/ipv4/af_inet.c:611 [inline]
 __inet_stream_connect+0x700/0xc48 net/ipv4/af_inet.c:703
 inet_stream_connect+0x74/0xb0 net/ipv4/af_inet.c:748
 __sys_connect_file net/socket.c:2038 [inline]
 __sys_connect+0x260/0x294 net/socket.c:2057
 __do_sys_connect net/socket.c:2063 [inline]
 __se_sys_connect net/socket.c:2060 [inline]
 __arm64_sys_connect+0x7c/0x94 net/socket.c:2060
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x1e0/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
INFO: task syz.3.222:7162 blocked for more than 158 seconds.
      Not tainted 6.15.0-rc1-syzkaller-g0af2f6be1b42 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.222 state:D stack:0 pid:7162 tgid:7135 ppid:6488 task_flags:0x400040 flags:0x00000001
Call trace:
 __switch_to+0x414/0x788 arch/arm64/kernel/process.c:701 (T)
 context_switch kernel/sched/core.c:5382 [inline]
 __schedule+0x16a4/0x2c80 kernel/sched/core.c:6767
 __schedule_loop kernel/sched/core.c:6845 [inline]
 schedule+0xbc/0x238 kernel/sched/core.c:6860
 __lock_sock+0x168/0x2d4 net/core/sock.c:3134
 lock_sock_nested+0xa4/0x11c net/core/sock.c:3702
 lock_sock include/net/sock.h:1615 [inline]
 inet_shutdown+0x74/0x354 net/ipv4/af_inet.c:905
 __sys_shutdown_sock net/socket.c:2406 [inline]
 __sys_shutdown net/socket.c:2422 [inline]
 __do_sys_shutdown net/socket.c:2427 [inline]
 __se_sys_shutdown net/socket.c:2425 [inline]
 __arm64_sys_shutdown+0x140/0x19c net/socket.c:2425
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600

Showing all locks held in the system:
2 locks held by kthreadd/2:
3 locks held by kworker/u8:0/12:
3 locks held by kworker/u8:1/14:
2 locks held by kworker/1:0/24:
2 locks held by kworker/1:1/26:
1 lock held by khungtaskd/32:
 #0: ffff800090127de0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x4/0x48 include/linux/rcupdate.h:330
3 locks held by kworker/u8:2/44:
3 locks held by kworker/u8:3/45:
1 lock held by pr/ttyAMA0/46:
5 locks held by kworker/u9:0/55:
 #0: ffff0000dbfb3948 ((wq_completion)hci1){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000989f7b80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff0000ecf40d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x194/0x34c net/bluetooth/hci_sync.c:331
 #3: ffff0000ecf40078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x218/0xc60 net/bluetooth/hci_sync.c:5597
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x13c/0x320 net/bluetooth/hci_conn.c:1269
5 locks held by kworker/u8:4/62:
3 locks held by kworker/u8:5/300:
3 locks held by kworker/u8:6/645:
3 locks held by kworker/u8:7/694:
3 locks held by kworker/u8:8/716:
 #0: ffff0000c0031948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff80009dcb7b80 ((reg_check_chans).work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff8000930815a8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
2 locks held by kworker/1:2/1795:
2 locks held by kworker/u8:9/2047:
 #0: ffff0000c0031148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a0d17b80 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
3 locks held by kworker/R-ipv6_/4128:
 #0: ffff0000d2fa3148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a1007b20 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff8000930815a8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
6 locks held by kworker/R-bat_e/4209:
3 locks held by kworker/u8:10/4381:
2 locks held by syslogd/6074:
3 locks held by udevd/6089:
1 lock held by dhcpcd/6142:
3 locks held by dhcpcd/6143:
2 locks held by getty/6226:
 #0: ffff0000cd2b10a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80009c1eb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x46c/0x123c drivers/tty/n_tty.c:2222
4 locks held by kworker/u9:2/6485:
 #0: ffff0000dbfb6948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a3837b80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff0000eaee0d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x194/0x34c net/bluetooth/hci_sync.c:331
 #3: ffff0000eaee0078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x218/0xc60 net/bluetooth/hci_sync.c:5597
6 locks held by kworker/u9:3/6490:
 #0: ffff0000dbfb5148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a34f7b80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff0000ecf44d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x194/0x34c net/bluetooth/hci_sync.c:331
 #3: ffff0000ecf44078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x218/0xc60 net/bluetooth/hci_sync.c:5597
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x13c/0x320 net/bluetooth/hci_conn.c:1269
 #5: ffff0000edf4eb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x78/0x518 net/bluetooth/l2cap_core.c:1761
5 locks held by kworker/u9:4/6491:
 #0: ffff0000dbfb2148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a34e7b80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff0000dbdccd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x194/0x34c net/bluetooth/hci_sync.c:331
 #3: ffff0000dbdcc078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x218/0xc60 net/bluetooth/hci_sync.c:5597
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm include/net/bluetooth/hci_core.h:2051 [inline]
 #4: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x13c/0x320 net/bluetooth/hci_conn.c:1269
3 locks held by syz-executor/6492:
 #0: ffff0000eaee4d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close net/bluetooth/hci_core.c:481 [inline]
 #0: ffff0000eaee4d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x1f0/0x4b8 net/bluetooth/hci_core.c:2678
 #1: ffff0000eaee4078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x4c8/0x1158 net/bluetooth/hci_sync.c:5213
 #2: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_disconn_cfm include/net/bluetooth/hci_core.h:2066 [inline]
 #2: ffff8000931e7b68 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xac/0x220 net/bluetooth/hci_conn.c:2701
2 locks held by syz-executor/6493:
2 locks held by kworker/0:3/6535:
 #0: ffff0000c0028d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a2e27b80 (xfrm_state_gc_work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
4 locks held by kworker/1:5/6559:
 #0: ffff0000c0028d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a2d17b80 (reg_work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff8000930815a8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
 #3: ffff0000d4ac0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: class_wiphy_constructor include/net/cfg80211.h:6092 [inline]
 #3: ffff0000d4ac0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_process_self_managed_hints+0xcc/0x1d0 net/wireless/reg.c:3209
2 locks held by kworker/1:6/6567:
2 locks held by syz.3.222/7156:
1 lock held by syz.3.222/7161:
 #0: ffff0000d5e20dd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1615 [inline]
 #0: ffff0000d5e20dd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_wait_for_connect net/ipv4/af_inet.c:611 [inline]
 #0: ffff0000d5e20dd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: __inet_stream_connect+0x700/0xc48 net/ipv4/af_inet.c:703
1 lock held by syz.3.222/7162:
 #0: ffff0000d5e20dd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1615 [inline]
 #0: ffff0000d5e20dd8 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x74/0x354 net/ipv4/af_inet.c:905
2 locks held by syz.0.226/7147:
4 locks held by syz.2.227/7149:
1 lock held by syz.2.227/7151:
2 locks held by kworker/u8:11/7165:
 #0: ffff0000c0031148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a2807b80 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
3 locks held by kworker/u8:9/7167:
3 locks held by kworker/u8:12/7168:
 #0: ffff0000c0031948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x674/0x1638 kernel/workqueue.c:3212
 #1: ffff8000a3f97b80 ((crda_timeout).work){+.+.}-{0:0}, at: process_one_work+0x708/0x1638 kernel/workqueue.c:3212
 #2: ffff8000930815a8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c net/core/rtnetlink.c:80
3 locks held by kworker/u8:11/7170:
2 locks held by syz-executor/7171:
=============================================