INFO: task syz.1.1668:12965 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
      Blocked by coredump.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1668      state:D stack:26776 pid:12965 tgid:12965 ppid:5610   task_flags:0x40044c flags:0x00080003
Call Trace:
 <TASK>
 __schedule+0x17b4/0x5680
 schedule+0x164/0x360
 schedule_timeout+0xc3/0x2c0
 wait_for_completion+0x2cc/0x5e0
 __flush_work+0xa17/0xc50
 __cancel_work_sync+0xbe/0x110
 hci_cmd_sync_clear+0x30/0x230
 hci_unregister_dev+0x194/0x5a0
 vhci_release+0x152/0x1a0
 __fput+0x44f/0xa60
 task_work_run+0x1d9/0x270
 do_exit+0x70f/0x22c0
 do_group_exit+0x21b/0x2d0
 get_signal+0x1284/0x1330
 arch_do_signal_or_restart+0xbc/0x830
 exit_to_user_mode_loop+0x86/0x480
 do_syscall_64+0x33e/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe68035d60e
RSP: 002b:00007fe681217f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
RAX: fffffffffffffdfc RBX: 00007fe6812186c0 RCX: 00007fe68035d60e
RDX: 00007fe681217fb0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007fe680432d69 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe680616038 R14: 00007fe680615fa0 R15: 00007ffdc5ad8f48
 </TASK>

Showing all locks held in the system:
5 locks held by kworker/0:1/10:
 #0: ffff8881052a9940 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
 #1: ffffc900000f7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
 #2: ffff88810c1521d8 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
 #3: ffff8881168d31d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
 #4: ffff88811644e1a0 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
1 lock held by khungtaskd/34:
 #0: ffffffff8e95cda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
3 locks held by kworker/u11:0/55:
 #0: ffff88816a9f1940 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
 #1: ffffc90000bf7c40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
 #2: ffff8881bdf58ea0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
2 locks held by getty/5436:
 #0: ffff8881119ea0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc9000346b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13a0
2 locks held by kworker/1:9/10571:
 #0: ffff88810006b140 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
 #1: ffffc90003fd7c40 ((work_completion)(&m->mpeg_thread)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
4 locks held by udevd/16190:
 #0: ffff888113d1b098 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
 #1: ffff88811a23c080 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
 #2: ffff8881027a7968 (kn->active#26){++++}-{0:0}, at: kernfs_seq_start+0xb2/0x420
 #3: ffff8881168d31d8 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
2 locks held by syz.7.3310/20427:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150
 nmi_cpu_backtrace+0x274/0x2d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 sys_info+0x135/0x170
 watchdog+0xfd3/0x1030
 kthread+0x388/0x470
 ret_from_fork+0x514/0xb70
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 20427 Comm: syz.7.3310 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:lock_acquire+0x221/0x350
Code: ff ff ff e8 e1 84 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 5f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 98 67 92
RSP: 0018:ffffc9000711def8 EFLAGS: 00000282
RAX: 22e039d657c00b00 RBX: 0000000000000000 RCX: 0000000000000046
RDX: 0000000022fcb76b RSI: ffffffff8e21c1b2 RDI: ffffffff8c28b5e0
RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cda0
R10: ffffc9000711e058 R11: ffffffff81b0d910 R12: 0000000000000002
R13: ffffffff8e95cda0 R14: 0000000000000000 R15: 0000000000000246
FS:  0000000000000000(0000) GS:ffff8882a9290000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f103f7ea4c0 CR3: 00000001d223c000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 unwind_next_frame+0xc3/0x2550
 arch_stack_walk+0x11b/0x150
 stack_trace_save+0xa9/0x100
 save_stack+0x122/0x230
 __set_page_owner+0x8d/0x4c0
 post_alloc_hook+0x1f9/0x250
 get_page_from_freelist+0x24ba/0x2540
 __alloc_frozen_pages_noprof+0x18d/0x380
 alloc_pages_mpol+0x235/0x490
 folio_alloc_mpol_noprof+0x39/0x160
 shmem_alloc_and_add_folio+0x442/0xf80
 shmem_get_folio_gfp+0x5a9/0x1670
 shmem_write_begin+0x16c/0x330
 generic_perform_write+0x2e2/0x8f0
 shmem_file_write_iter+0xf8/0x120
 __kernel_write_iter+0x41e/0x880
 dump_user_range+0xc19/0x12c0
 elf_core_dump+0x34c2/0x3ad0
 coredump_write+0x1216/0x1910
 vfs_coredump+0x3807/0x4530
 get_signal+0x1107/0x1330
 arch_do_signal_or_restart+0xbc/0x830
 irqentry_exit+0x284/0x730
 asm_exc_page_fault+0x26/0x30
RIP: 0033:0x7f25d0852877
Code: e8 8e fa ff ff 89 f2 48 8d 3d 0d 40 1b 00 48 8d 35 c4 fa 1d 00 31 c0 e8 e7 f8 ff ff 0f 1f 80 00 00 00 00 53 89 fb 48 83 ec 10 <64> 8b 04 25 a4 ff ff ff 85 c0 74 2a 89 fe 31 c0 bf 3c 00 00 00 e8
RSP: 002b:00007f25cebd70a0 EFLAGS: 00010206
RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007f25d099cdd9
RDX: 00007f25cebd70c0 RSI: 00007f25cebd71f0 RDI: 000000000000000b
RBP: 00007f25d0a32d69 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007f25d0c16038 R14: 00007f25d0c15fa0 R15: 00007fff756a0e28
 </TASK>
