INFO: task dhcpcd:5573 blocked for more than 143 seconds.
      Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:dhcpcd          state:D stack:20200 pid:5573  tgid:5573  ppid:5572   task_flags:0x400140 flags:0x00004002
Call Trace:
 <TASK>
 __schedule+0x16f5/0x4d00
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x724/0xe80
 rtnl_dumpit+0x92/0x200
 netlink_dump+0x62d/0xe20
 netlink_recvmsg+0x676/0xa30
 sock_recvmsg+0x22c/0x270
 ____sys_recvmsg+0x1c9/0x460
 ___sys_recvmsg+0x1b5/0x510
 __x64_sys_recvmsg+0x198/0x260
 do_syscall_64+0xfa/0x3b0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0a2a0e191e
RSP: 002b:00007ffd87eb6338 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 00007ffd87eb7460 RCX: 00007f0a2a0e191e
RDX: 0000000000000000 RSI: 00007ffd87eb7380 RDI: 0000000000000011
RBP: 00007ffd87eb73f0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000f20
R13: 00007ffd87eb7364 R14: 00007ffd87eb7380 R15: 00007ffd87eb7370
 </TASK>
INFO: task kworker/u8:3:5851 blocked for more than 147 seconds.
      Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u8:3    state:D stack:24392 pid:5851  tgid:5851  ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: ipv6_addrconf addrconf_verify_work
Call Trace:
 <TASK>
 __schedule+0x16f5/0x4d00
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x724/0xe80
 addrconf_verify_work+0x19/0x30
 process_scheduled_works+0xae1/0x17b0
 worker_thread+0x8a0/0xda0
 kthread+0x711/0x8a0
 ret_from_fork+0x3fc/0x770
 ret_from_fork_asm+0x1a/0x30
 </TASK>
INFO: task syz-executor:7206 blocked for more than 147 seconds.
      Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:24008 pid:7206  tgid:7206  ppid:1      task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 __schedule+0x16f5/0x4d00
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x724/0xe80
 fib_net_exit_batch+0x22/0xf0
 ops_undo_list+0x525/0x990
 setup_net+0x3e2/0x4b0
 copy_net_ns+0x31b/0x4d0
 create_new_namespaces+0x3f3/0x720
 unshare_nsproxy_namespaces+0x11c/0x170
 ksys_unshare+0x4c8/0x8c0
 __x64_sys_unshare+0x38/0x50
 do_syscall_64+0xfa/0x3b0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4821790127
RSP: 002b:00007ffe3f620cb8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f48219b5f40 RCX: 00007f4821790127
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007f48219b6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:7227 blocked for more than 148 seconds.
      Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:24008 pid:7227  tgid:7227  ppid:1      task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 __schedule+0x16f5/0x4d00
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x724/0xe80
 fib6_rules_net_exit_batch+0x20/0xc0
 ops_undo_list+0x525/0x990
 setup_net+0x3e2/0x4b0
 copy_net_ns+0x31b/0x4d0
 create_new_namespaces+0x3f3/0x720
 unshare_nsproxy_namespaces+0x11c/0x170
 ksys_unshare+0x4c8/0x8c0
 __x64_sys_unshare+0x38/0x50
 do_syscall_64+0xfa/0x3b0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd976190127
RSP: 002b:00007ffcb9b1f1c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007fd9763b5f40 RCX: 00007fd976190127
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007fd9763b6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>
INFO: task syz-executor:7236 blocked for more than 151 seconds.
      Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor    state:D stack:25648 pid:7236  tgid:7236  ppid:1      task_flags:0x400140 flags:0x00004006
Call Trace:
 <TASK>
 __schedule+0x16f5/0x4d00
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x724/0xe80
 wg_netns_pre_exit+0x1c/0x1d0
 ops_undo_list+0x187/0x990
 setup_net+0x3e2/0x4b0
 copy_net_ns+0x31b/0x4d0
 create_new_namespaces+0x3f3/0x720
 unshare_nsproxy_namespaces+0x11c/0x170
 ksys_unshare+0x4c8/0x8c0
 __x64_sys_unshare+0x38/0x50
 do_syscall_64+0xfa/0x3b0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4219190127
RSP: 002b:00007ffcdd87f508 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007f42193b5f40 RCX: 00007f4219190127
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
RBP: 00007f42193b6738 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000008
R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
 </TASK>

Showing all locks held in the system:
5 locks held by kworker/u8:0/12:
 #0: ffff88801b2f6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc900000f7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
 #3: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990
 #4: ffffffff8e144840 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
4 locks held by kworker/u8:1/13:
3 locks held by kworker/1:0/24:
 #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc900001c7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
1 lock held by khungtaskd/34:
 #0: ffffffff8e13ee60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
2 locks held by dhcpcd/5573:
 #0: ffff888037ec26d0 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: netlink_dump+0xb8/0xe20
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200
2 locks held by getty/5655:
 #0: ffff8881091ef0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
3 locks held by kworker/u8:3/5851:
 #0: ffff888020cf5948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc9000433fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
3 locks held by kworker/u9:4/5994:
 #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
 #1: ffffc9000471fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
 #2: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
2 locks held by syz-executor/7206:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: fib_net_exit_batch+0x22/0xf0
2 locks held by syz-executor/7227:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: fib6_rules_net_exit_batch+0x20/0xc0
2 locks held by syz-executor/7236:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1c/0x1d0
2 locks held by syz-executor/7241:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_pernet_exit+0x19/0x140
5 locks held by syz-executor/7252:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f274bd0 (devices_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x19a/0x270
 #2: ffffffff8f274d90 (rdma_nets_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x1d2/0x270
 #3: ffff888109ae8f60 (&device->compat_devs_mutex){+.+.}-{4:4}, at: add_one_compat_dev+0xee/0x5c0
 #4: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: ib_get_eth_speed+0x151/0x7b0
2 locks held by syz-executor/7259:
 #0: ffffffff8f50fd50 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
 #1: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
1 lock held by syz-executor/7265:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
1 lock held by syz-executor/7279:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7286:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7292:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7297:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7302:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7307:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
1 lock held by syz-executor/7311:
 #0: ffffffff8f51c948 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250
 nmi_cpu_backtrace+0x39e/0x3d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 watchdog+0xfee/0x1030
 kthread+0x711/0x8a0
 ret_from_fork+0x3fc/0x770
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc3-syzkaller-00159-g223e2288f4b8 #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Workqueue: bat_events batadv_dat_purge
RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x83/0x90
Code: 8d 52 28 4d 39 ca 77 22 89 ff 89 f6 49 ff c0 4c 89 01 48 c7 44 11 08 05 00 00 00 48 89 7c 11 10 48 89 74 11 18 48 89 44 11 20 <c3> cc cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90
RSP: 0018:ffffc900001dfa18 EFLAGS: 00000246
RAX: ffffffff8a24f70b RBX: 0000000000000001 RCX: 0000000000000100
RDX: ffff88801c688000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc900001dfb30 R08: ffffffff8fa1def7 R09: 1ffffffff1f43bde
R10: dffffc0000000000 R11: fffffbfff1f43bdf R12: ffff888107502180
R13: ffffffff8a24f562 R14: dffffc0000000000 R15: ffffffff8a24f562
FS:  0000000000000000(0000) GS:ffff8881a3c1d000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0c039b6038 CR3: 0000000025524000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 ip6_pol_route+0x30b/0x1180
 fib6_rule_lookup+0x52f/0x6f0
 ip6_route_input+0x6ce/0xa50
 ip6_rcv_finish+0x141/0x2d0
 ip_sabotage_in+0x1e1/0x270
 nf_hook_slow+0xc5/0x220
 NF_HOOK+0x206/0x3a0
 __netif_receive_skb+0xd3/0x380
 netif_receive_skb+0x1cb/0x790
 NF_HOOK+0xa0/0x390
 br_handle_frame_finish+0x14d1/0x19b0
 br_nf_hook_thresh+0x3c6/0x4a0
 br_nf_pre_routing_finish_ipv6+0x948/0xd00
 br_nf_pre_routing_ipv6+0x37e/0x6b0
 br_handle_frame+0x982/0x14c0
 __netif_receive_skb_core+0x10e1/0x4180
 __netif_receive_skb+0x72/0x380
 process_backlog+0x60e/0x14f0
 __napi_poll+0xc7/0x480
 net_rx_action+0x707/0xe30
 handle_softirqs+0x286/0x870
 do_softirq+0xec/0x180
 </IRQ>
 <TASK>
 __local_bh_enable_ip+0x17d/0x1c0
 batadv_dat_purge+0x2da/0x3c0
 process_scheduled_works+0xae1/0x17b0
 worker_thread+0x8a0/0xda0
 kthread+0x711/0x8a0
 ret_from_fork+0x3fc/0x770
 ret_from_fork_asm+0x1a/0x30
 </TASK>
