INFO: task syz.9.1542:10948 blocked for more than 143 seconds.
Not tainted 6.1.119-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.9.1542 state:D stack:24088 pid:10948 ppid:10619 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5241 [inline]
__schedule+0x143f/0x4570 kernel/sched/core.c:6558
schedule+0xbf/0x180 kernel/sched/core.c:6634
io_schedule+0x88/0x100 kernel/sched/core.c:8786
folio_wait_bit_common+0x878/0x1290 mm/filemap.c:1324
folio_put_wait_locked mm/filemap.c:1493 [inline]
do_read_cache_folio+0xb9/0x810 mm/filemap.c:3608
erofs_bread+0x19d/0x6b0 fs/erofs/data.c:50
erofs_find_target_block fs/erofs/namei.c:102 [inline]
erofs_namei+0x278/0xef0 fs/erofs/namei.c:175
erofs_lookup+0x1d6/0x4d0 fs/erofs/namei.c:204
__lookup_slow+0x27e/0x3d0 fs/namei.c:1690
lookup_slow+0x53/0x70 fs/namei.c:1707
walk_component fs/namei.c:1998 [inline]
link_path_walk+0x9d6/0xee0 fs/namei.c:2325
path_parentat fs/namei.c:2526 [inline]
__filename_parentat+0x25e/0x6e0 fs/namei.c:2550
filename_parentat fs/namei.c:2568 [inline]
do_unlinkat+0x185/0x820 fs/namei.c:4361
__do_sys_unlink fs/namei.c:4438 [inline]
__se_sys_unlink fs/namei.c:4436 [inline]
__x64_sys_unlink+0x45/0x50 fs/namei.c:4436
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f66ba97fed9
RSP: 002b:00007f66bb77c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 00007f66bab45fa0 RCX: 00007f66ba97fed9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200001c0
RBP: 00007f66ba9f3cc8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f66bab45fa0 R15: 00007ffdb8bca118
</TASK>
INFO: task syz.9.1542:10953 blocked for more than 144 seconds.
Not tainted 6.1.119-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.9.1542 state:D stack:25432 pid:10953 ppid:10619 flags:0x00004004
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5241 [inline]
__schedule+0x143f/0x4570 kernel/sched/core.c:6558
schedule+0xbf/0x180 kernel/sched/core.c:6634
io_schedule+0x88/0x100 kernel/sched/core.c:8786
folio_wait_bit_common+0x878/0x1290 mm/filemap.c:1324
lock_page include/linux/pagemap.h:995 [inline]
pickup_page_for_submission fs/erofs/zdata.c:1348 [inline]
z_erofs_submit_queue fs/erofs/zdata.c:1541 [inline]
z_erofs_runqueue+0xa59/0x1e10 fs/erofs/zdata.c:1613
z_erofs_readahead+0xc26/0x1030 fs/erofs/zdata.c:1760
read_pages+0x17f/0x830 mm/readahead.c:161
page_cache_ra_unbounded+0x68b/0x7b0 mm/readahead.c:270
do_page_cache_ra mm/readahead.c:300 [inline]
force_page_cache_ra+0x2a3/0x300 mm/readahead.c:331
force_page_cache_readahead mm/internal.h:125 [inline]
generic_fadvise+0x553/0x7b0 mm/fadvise.c:107
vfs_fadvise mm/fadvise.c:185 [inline]
ksys_fadvise64_64 mm/fadvise.c:199 [inline]
__do_sys_fadvise64 mm/fadvise.c:214 [inline]
__se_sys_fadvise64 mm/fadvise.c:212 [inline]
__x64_sys_fadvise64+0x138/0x180 mm/fadvise.c:212
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f66ba97fed9
RSP: 002b:00007f66bb75b058 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
RAX: ffffffffffffffda RBX: 00007f66bab46080 RCX: 00007f66ba97fed9
RDX: 0000000000004101 RSI: 0000000000e0ffff RDI: 0000000000000005
RBP: 00007f66ba9f3cc8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f66bab46080 R15: 00007ffdb8bca118
</TASK>
Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
#0: ffffffff8d32b110 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 kernel/rcu/tasks.h:517
1 lock held by rcu_tasks_trace/13:
#0: ffffffff8d32b910 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 kernel/rcu/tasks.h:517
1 lock held by khungtaskd/28:
#0: ffffffff8d32af40 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
#0: ffffffff8d32af40 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
#0: ffffffff8d32af40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 kernel/locking/lockdep.c:6510
5 locks held by kworker/u4:4/75:
#0: ffff888017e16938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#1: ffffc900015a7d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#2: ffffffff8e4fe3d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60 net/core/net_namespace.c:566
#3: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe5/0x9d0 net/core/dev.c:11389
#4: ffffffff8d330538 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:291 [inline]
#4: ffffffff8d330538 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930 kernel/rcu/tree_exp.h:962
1 lock held by dhcpcd/3916:
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x4f5/0xf70 net/core/dev_ioctl.c:587
2 locks held by getty/4007:
#0: ffff88814caec098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 drivers/tty/tty_ldisc.c:244
#1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 drivers/tty/n_tty.c:2198
2 locks held by kworker/u4:8/4348:
3 locks held by kworker/u4:11/4451:
#0: ffff888017c79138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#1: ffffc90004fffd20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#2: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50 net/core/link_watch.c:263
3 locks held by kworker/0:0/8972:
#0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#1: ffffc90003ef7d20 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#2: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:104
1 lock held by syz.9.1542/10948:
#0: ffff8880530306f0 (&type->i_mutex_dir_key#22){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:768 [inline]
#0: ffff8880530306f0 (&type->i_mutex_dir_key#22){.+.+}-{3:3}, at: lookup_slow+0x45/0x70 fs/namei.c:1706
1 lock held by syz.9.1542/10953:
#0: ffff888053030890 (mapping.invalidate_lock#10){.+.+}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:813 [inline]
#0: ffff888053030890 (mapping.invalidate_lock#10){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0 mm/readahead.c:226
2 locks held by kworker/1:17/11454:
#0: ffff888017c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#1: ffffc90003d0fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
1 lock held by syz-executor/12850:
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:74 [inline]
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0 net/core/rtnetlink.c:6147
1 lock held by syz.3.1930/12919:
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: tun_detach drivers/net/tun.c:698 [inline]
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0 drivers/net/tun.c:3492
1 lock held by syz.3.1930/12932:
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock net/core/rtnetlink.c:74 [inline]
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0 net/core/rtnetlink.c:6147
1 lock held by syz.6.1932/12935:
#0: ffffffff8e50a768 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x465/0x2430 drivers/net/tun.c:3104
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.119-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
nmi_cpu_backtrace+0x4e1/0x560 lib/nmi_backtrace.c:111
nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:220 [inline]
watchdog+0xf88/0xfd0 kernel/hung_task.c:377
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
</TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]
NMI backtrace for cpu 0 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:567