syzbot

INFO: task syz-executor235:5029 blocked for more than 143 seconds.
      Not tainted 6.5.0-rc4-syzkaller-00211-ge6fda526d9db #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor235 state:D stack:27920 pid:5029  ppid:5025   flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5381 [inline]
 __schedule+0x1873/0x48f0 kernel/sched/core.c:6710
 schedule+0xc3/0x180 kernel/sched/core.c:6786
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:6845
 rwsem_down_read_slowpath+0x5f4/0x950 kernel/locking/rwsem.c:1086
 __down_read_common kernel/locking/rwsem.c:1250 [inline]
 __down_read kernel/locking/rwsem.c:1263 [inline]
 down_read+0x9c/0x2f0 kernel/locking/rwsem.c:1522
 iterate_supers+0xb0/0x1e0 fs/super.c:742
 ksys_sync+0xbd/0x1c0 fs/sync.c:102
 __do_sys_sync+0xe/0x20 fs/sync.c:113
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f9f1ed597c9
RSP: 002b:00007f9f1ecf5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
RAX: ffffffffffffffda RBX: 00007f9f1ede16d8 RCX: 00007f9f1ed597c9
RDX: 00007f9f1ed597c9 RSI: 00000000000f4240 RDI: 0000000000000081
RBP: 00007f9f1ede16d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9f1edae5c0
R13: 00007f9f1edad0c0 R14: 00007f9f1edad07e R15: 0030656c69662f2e
 </TASK>

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/13:
 #0: ffffffff8d328db0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xd20 kernel/rcu/tasks.h:522
1 lock held by rcu_tasks_trace/14:
 #0: ffffffff8d329170 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xd20 kernel/rcu/tasks.h:522
1 lock held by khungtaskd/28:
 #0: ffffffff8d328be0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
3 locks held by syslogd/4453:
 #0: ffff8880b993bf98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:558
 #1: ffff88807e261e20 (&mm->mmap_lock){++++}-{3:3}, at: psi_task_switch+0x441/0x770 kernel/sched/psi.c:999
 #2: ffffffff8d328be0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x40 include/linux/rcupdate.h:302
2 locks held by getty/4772:
 #0: ffff88814adb3098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc900015a02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b1/0x1dc0 drivers/tty/n_tty.c:2187
1 lock held by syz-executor235/5028:
1 lock held by syz-executor235/5029:
 #0: ffff8880132e60e0 (&type->s_umount_key#63){.+.+}-{3:3}, at: iterate_supers+0xb0/0x1e0 fs/super.c:742

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.5.0-rc4-syzkaller-00211-ge6fda526d9db #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106
 nmi_cpu_backtrace+0x498/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x187/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline]
 watchdog+0xec2/0xf00 kernel/hung_task.c:379
 kthread+0x2b8/0x350 kernel/kthread.c:389
 ret_from_fork+0x2e/0x60 arch/x86/kernel/process.c:145
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 5028 Comm: syz-executor235 Not tainted 6.5.0-rc4-syzkaller-00211-ge6fda526d9db #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023
RIP: 0010:get_current arch/x86/include/asm/current.h:41 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60 kernel/kcov.c:206
Code: 00 00 f3 0f 1e fa 53 48 89 fb e8 13 00 00 00 48 8b 3d e4 bf 0c 0d 48 89 de 5b e9 83 f8 57 00 0f 1f 00 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0d b0 0d 78 7e 65 8b 15 b1 0d 78 7e f7 c2 00 01 ff 00 74
RSP: 0018:ffffc90003bcf628 EFLAGS: 00000202
RAX: ffffffff82041d2c RBX: 0000000000000001 RCX: ffffffff82041cf4
RDX: ffff888027e7bb80 RSI: ffffffff8b58a3a0 RDI: ffffffff8b58a360
RBP: 0000000000000001 R08: ffffffff82041d1a R09: 1ffffffff1d30ca5
R10: dffffc0000000000 R11: fffffbfff1d30ca6 R12: ffff888075efcae0
R13: 00000000000000a0 R14: 0000000000000000 R15: dffffc0000000000
FS:  00007f9f1ed166c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000562f7bae7680 CR3: 00000000277dd000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <TASK>
 trace_block_touch_buffer include/trace/events/block.h:45 [inline]
 touch_buffer+0x9c/0x210 fs/buffer.c:63
 __find_get_block+0x2d3/0x10e0 fs/buffer.c:1423
 __getblk_gfp+0x2f/0x630 fs/buffer.c:1441
 __bread_gfp+0x2e/0x380 fs/buffer.c:1479
 sb_bread include/linux/buffer_head.h:351 [inline]
 exfat_get_dentry+0x53b/0x730 fs/exfat/dir.c:769
 exfat_create_upcase_table+0x259/0xfa0 fs/exfat/nls.c:764
 __exfat_fill_super fs/exfat/super.c:597 [inline]
 exfat_fill_super+0x1206/0x2b80 fs/exfat/super.c:649
 get_tree_bdev+0x468/0x6c0 fs/super.c:1318
 vfs_get_tree+0x8c/0x270 fs/super.c:1519
 do_new_mount+0x28f/0xae0 fs/namespace.c:3335
 do_mount fs/namespace.c:3675 [inline]
 __do_sys_mount fs/namespace.c:3884 [inline]
 __se_sys_mount+0x2d9/0x3c0 fs/namespace.c:3861
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f9f1ed5abea
Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f9f1ed16088 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f9f1ed5abea
RDX: 0000000020001500 RSI: 0000000020000140 RDI: 00007f9f1ed160a0
RBP: 00007f9f1ed160a0 R08: 00007f9f1ed160e0 R09: 00000000000014f8
R10: 0000000000000800 R11: 0000000000000286 R12: 00007f9f1ed160e0
R13: 0000000000000800 R14: 0000000000000004 R15: 0000000000020101
 </TASK>
INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.566 msecs