INFO: task syz-executor:6267 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25752 pid:6267  tgid:6267  ppid:1      task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x16f9/0x5500
 rt_mutex_schedule+0x76/0xf0
 rt_mutex_slowlock_block+0x508/0x680
 rt_mutex_slowlock+0x2dc/0x780
 mutex_lock_nested+0x168/0x1d0
 inet_rtm_newaddr+0x404/0x1ad0
 rtnetlink_rcv_msg+0x7d5/0xbe0
 netlink_rcv_skb+0x232/0x4b0
 netlink_unicast+0x780/0x920
 netlink_sendmsg+0x813/0xb40
 sock_sendmsg_nosec+0x112/0x150
 __sys_sendto+0x402/0x590
 __x64_sys_sendto+0xde/0x100
 do_syscall_64+0x15f/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3ddf9ed60e
RSP: 002b:00007ffcd790d6c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 000055558a036500 RCX: 00007f3ddf9ed60e
RDX: 0000000000000028 RSI: 00007f3de07d4670 RDI: 0000000000000003
RBP: 0000000000000001 R08: 00007ffcd790d744 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f3de07d4670 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:6268 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25752 pid:6268  tgid:6268  ppid:1      task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x16f9/0x5500
 rt_mutex_schedule+0x76/0xf0
 rt_mutex_slowlock_block+0x508/0x680
 rt_mutex_slowlock+0x2dc/0x780
 mutex_lock_nested+0x168/0x1d0
 inet_rtm_newaddr+0x404/0x1ad0
 rtnetlink_rcv_msg+0x7d5/0xbe0
 netlink_rcv_skb+0x232/0x4b0
 netlink_unicast+0x780/0x920
 netlink_sendmsg+0x813/0xb40
 sock_sendmsg_nosec+0x112/0x150
 __sys_sendto+0x402/0x590
 __x64_sys_sendto+0xde/0x100
 do_syscall_64+0x15f/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa92bc1d60e
RSP: 002b:00007ffdb7049038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 0000555569373500 RCX: 00007fa92bc1d60e
RDX: 0000000000000028 RSI: 00007fa92ca04670 RDI: 0000000000000003
RBP: 0000000000000001 R08: 00007ffdb70490b4 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000000000 R14: 00007fa92ca04670 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:6269 blocked for more than 143 seconds.
      Tainted: G             L      syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25752 pid:6269  tgid:6269  ppid:1      task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x16f9/0x5500
 rt_mutex_schedule+0x76/0xf0
 rt_mutex_slowlock_block+0x508/0x680
 rt_mutex_slowlock+0x2dc/0x780
 mutex_lock_nested+0x168/0x1d0
 rtnl_newlink+0x883/0x1bb0
 rtnetlink_rcv_msg+0x7d5/0xbe0
 netlink_rcv_skb+0x232/0x4b0
 netlink_unicast+0x780/0x920
 netlink_sendmsg+0x813/0xb40
 sock_sendmsg_nosec+0x112/0x150
 __sys_sendto+0x402/0x590
 __x64_sys_sendto+0xde/0x100
 do_syscall_64+0x15f/0xf80
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f404805d60e
RSP: 002b:00007ffeca068088 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 0000555560ead500 RCX: 00007f404805d60e
RDX: 000000000000002c RSI: 00007f4048e44670 RDI: 0000000000000003
RBP: 0000000000000001 R08: 00007ffeca068104 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f4048e44670 R15: 0000000000000000
 </TASK>

Showing all locks held in the system:
4 locks held by ktimers/0/16:
 #0: ffffffff8de5f380 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
 #1: ffffffff8dfc8240 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
 #2: ffff888121028478 (&base->softirq_expiry_lock){+...}-{3:3}, at: hrtimer_run_softirq+0x7f/0x260
 #3: ffffffff8dfc8240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
1 lock held by rcub/0/19:
 #0: ffffffff8dfcde08 (rcu_state){+.+.}-{0:0}, at: rcu_boost_kthread+0x2fb/0x4b0
1 lock held by khungtaskd/43:
 #0: ffffffff8dfc8240 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
2 locks held by getty/5415:
 #0: ffff8881765cc0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc90003f062e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
3 locks held by kworker/u8:12/21180:
 #0: ffff888173300938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc9000570fc40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
5 locks held by kworker/u10:2/26892:
 #0: ffff8881000ac138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc9000780fc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffff8880122f8310 (&devlink->lock_key#13){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
 #3: ffff888174729d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
 #4: ffffffff8dfc8240 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
6 locks held by kworker/u11:2/28678:
 #0: ffff88818a98b138 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc9002a9afc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffff88818b740f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff88818b7400b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8f4f26d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
 #5: ffff88819bb21b70 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x92/0x570
5 locks held by kworker/u11:0/18900:
 #0: ffff8881894b0138 ((wq_completion)hci4){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc90024f6fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffff88816bc40f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff88816bc400b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8f4f26d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
1 lock held by syz.6.17269/23090:
 #0: ffffffff8dfce430 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
2 locks held by kworker/u10:8/24730:
 #0: ffff8881000ac138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc90025ce7c40 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
1 lock held by syz.2.22645/6235:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
1 lock held by syz.5.22655/6262:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
1 lock held by syz-executor/6267:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6268:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6269:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0
5 locks held by kworker/u11:5/6276:
 #0: ffff88818a98c138 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc90020e0fc40 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffff888179874f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
 #3: ffff8881798740b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0xa6f/0x1190
 #4: ffffffff8f4f26d8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
3 locks held by kworker/u10:9/6278:
 #0: ffff8881000ac138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x897/0x1630
 #1: ffffc9002112fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8be/0x1630
 #2: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
1 lock held by syz-executor/6304:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6311:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6316:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6322:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6331:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by syz-executor/6332:
 #0: ffffffff8f371f78 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0
1 lock held by dhcpcd/6340:
 #0: ffff88816b488358 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe70
1 lock held by dhcpcd/6341:
 #0: ffff8881a6b40358 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe70
1 lock held by dhcpcd/6342:
 #0: ffff88819b8d8358 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe70
1 lock held by dhcpcd/6343:
 #0: ffff88816eac4358 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x33/0xe70

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 43 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150
 nmi_cpu_backtrace+0x274/0x2d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 sys_info+0x135/0x170
 watchdog+0xfd3/0x1030
 kthread+0x388/0x470
 ret_from_fork+0x514/0xb70
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:native_apic_msr_write+0x39/0x50
Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 e9 40 df b6 09 cc 89 f6 31 d2 e9 16 18 73 03 66 0f 1f 44 00
RSP: 0018:ffffc90000157bd0 EFLAGS: 00000046
RAX: 00000000000000d0 RBX: ffff888121023c40 RCX: 0000000000000838
RDX: 0000000000000000 RSI: 00000000000000d0 RDI: 0000000000000838
RBP: ffffc90000157c88 R08: 0000000000000000 R09: 0000000000000100
R10: 0000000000000100 R11: ffffffff81744440 R12: 00000000000000d0
R13: dffffc0000000000 R14: 0000000010004d2c R15: 0000000000000020
FS:  0000000000000000(0000) GS:ffff88818e91f000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6130b65000 CR3: 0000000177ae4000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 lapic_next_event+0x11/0x20
 clockevents_program_event+0x385/0x630
 hrtimer_run_softirq+0x207/0x260
 handle_softirqs+0x1de/0x6d0
 run_ktimerd+0x69/0x100
 smpboot_thread_fn+0x541/0xa50
 kthread+0x388/0x470
 ret_from_fork+0x514/0xb70
 ret_from_fork_asm+0x1a/0x30
 </TASK>
