syzbot


BUG: soft lockup in __cleanup_mnt

Status: moderation: reported on 2024/07/19 11:14
Subsystems: fs
Reported-by: syzbot+f2a76ec4635995909c44@syzkaller.appspotmail.com
First crash: 54d, last: 54d
Similar bugs (1):
  Kernel: android-5-15
  Title: BUG: soft lockup in __cleanup_mnt
  Repro: -
  Cause bisect: -
  Fix bisect: -
  Count: 1
  Last: 73d
  Reported: 73d
  Patched: 0/2
  Status: premoderation: reported on 2024/06/26 15:48

Sample crash report:
watchdog: BUG: soft lockup - CPU#1 stuck for 21s! [syz-executor:6289]
Modules linked in:
irq event stamp: 1034258
hardirqs last  enabled at (1034257): [<ffff8000803cae50>] __call_rcu_common kernel/rcu/tree.c:3094 [inline]
hardirqs last  enabled at (1034257): [<ffff8000803cae50>] call_rcu+0x648/0xb08 kernel/rcu/tree.c:3176
hardirqs last disabled at (1034258): [<ffff80008afc1a54>] __el1_irq arch/arm64/kernel/entry-common.c:533 [inline]
hardirqs last disabled at (1034258): [<ffff80008afc1a54>] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:551
softirqs last  enabled at (997786): [<ffff80008003067c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (997784): [<ffff800080030648>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
CPU: 1 PID: 6289 Comm: syz-executor Not tainted 6.10.0-rc7-syzkaller-gc912bf709078 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_local_irq_restore+0x8/0xc arch/arm64/include/asm/irqflags.h:197
lr : lock_is_held_type+0x150/0x1a8 kernel/locking/lockdep.c:5827
sp : ffff80009a8675c0
x29: ffff80009a8675c0 x28: 1fffe00019820922 x27: 0000000000000008
x26: ffff0000d8a73c80 x25: ffff80008f047000 x24: 00007dfe9aa1c3a0
x23: fffffdffbf75e3a4 x22: ffff0000d8a73c80 x21: ffff80008f2d7ac0
x20: 0000000000000000 x19: 0000000000000000 x18: ffff80009a867180
x17: 0000000000030dac x16: ffff80008032b884 x15: 0000000000000001
x14: ffff80008f100568 x13: dfff800000000000 x12: 000000002d2a6f2c
x11: 0000000000000003 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : 00000000000000c0 x7 : ffff800080c518e0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000080 x0 : 0000000000000000
Call trace:
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline]
 arch_local_irq_restore+0x8/0xc arch/arm64/include/asm/irqflags.h:195
 lock_is_held include/linux/lockdep.h:231 [inline]
 __might_resched+0x48/0x4d0 kernel/sched/core.c:10158
 __might_sleep+0x90/0xe4 kernel/sched/core.c:10125
 dput+0x34/0x290 fs/dcache.c:840
 cleanup_mnt+0x330/0x3dc fs/namespace.c:1266
 __cleanup_mnt+0x20/0x30 fs/namespace.c:1274
 task_work_run+0x230/0x2e0 kernel/task_work.c:180
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0x4e4/0x1ac8 kernel/exit.c:876
 do_group_exit+0x194/0x22c kernel/exit.c:1025
 get_signal+0x1414/0x1530 kernel/signal.c:2909
 do_signal+0x238/0x2924 arch/arm64/kernel/signal.c:1308
 do_notify_resume+0x74/0x1f4 arch/arm64/kernel/entry-common.c:148
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
 el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 8087 Comm: syz-executor Not tainted 6.10.0-rc7-syzkaller-gc912bf709078 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_kcov_mode kernel/kcov.c:175 [inline]
pc : write_comp_data kernel/kcov.c:236 [inline]
pc : __sanitizer_cov_trace_const_cmp8+0x34/0x80 kernel/kcov.c:311
lr : generic_test_bit include/asm-generic/bitops/generic-non-atomic.h:128 [inline]
lr : folio_test_unevictable include/linux/page-flags.h:596 [inline]
lr : folio_mark_accessed+0xfc/0x6a4 mm/swap.c:472
sp : ffff8000a00b6f70
x29: ffff8000a00b6f80 x28: 0000000000000000 x27: 1fffffbff86ed168
x26: 1fffffbff86ed169 x25: dfff800000000000 x24: dfff800000000000
x23: 1fffe0001b193b6e x22: 0000000000000000 x21: 05ffc0000000512c
x20: fffffdffc3768b48 x19: fffffdffc3768b40 x18: ffff0001fea899d0
x17: ffff80008f0fd000 x16: ffff800082f8f174 x15: 0000000000000001
x14: 1fffe000180e5a2d x13: 0000000000000000 x12: 0000000000000000
x11: ffff6000180e5a2e x10: 0000000000ff0100 x9 : 0000000000000001
x8 : ffff0000d26d0000 x7 : ffff800080af3b10 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800080af4310
x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 check_kcov_mode kernel/kcov.c:173 [inline]
 write_comp_data kernel/kcov.c:236 [inline]
 __sanitizer_cov_trace_const_cmp8+0x34/0x80 kernel/kcov.c:311
 zap_present_folio_ptes mm/memory.c:1490 [inline]
 zap_present_ptes mm/memory.c:1564 [inline]
 zap_pte_range mm/memory.c:1606 [inline]
 zap_pmd_range mm/memory.c:1724 [inline]
 zap_pud_range mm/memory.c:1753 [inline]
 zap_p4d_range mm/memory.c:1774 [inline]
 unmap_page_range+0x1b90/0x2e58 mm/memory.c:1795
 unmap_single_vma mm/memory.c:1841 [inline]
 unmap_vmas+0x378/0x598 mm/memory.c:1885
 exit_mmap+0x1cc/0xcb8 mm/mmap.c:3341
 __mmput+0xec/0x390 kernel/fork.c:1346
 mmput+0x70/0xac kernel/fork.c:1368
 exit_mm+0x148/0x210 kernel/exit.c:567
 do_exit+0x468/0x1ac8 kernel/exit.c:863
 do_group_exit+0x194/0x22c kernel/exit.c:1025
 get_signal+0x1414/0x1530 kernel/signal.c:2909
 do_signal+0x238/0x2924 arch/arm64/kernel/signal.c:1308
 do_notify_resume+0x74/0x1f4 arch/arm64/kernel/entry-common.c:148
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
 el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598

Crashes (1):
  Time: 2024/07/15 11:05
  Kernel: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
  Commit: c912bf709078
  Syzkaller: c605e6a2
  Config: .config
  Log: console log
  Report: report
  Syz repro: -
  C repro: -
  VM info: info
  Assets: [disk image] [vmlinux] [kernel image]
  Manager: ci-upstream-gce-arm64
  Title: BUG: soft lockup in __cleanup_mnt
* Struck through repros no longer work on HEAD.