syzbot

protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
net_ratelimit: 26 callbacks suppressed
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
INFO: task syz-executor4:25939 blocked for more than 140 seconds.
      Not tainted 5.0.0-rc4+ #50
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor4   D28008 25939   8026 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2844 [inline]
 __schedule+0x897/0x1e60 kernel/sched/core.c:3485
 schedule+0xfe/0x350 kernel/sched/core.c:3529
 __rwsem_down_write_failed_common+0xa4d/0x1620 kernel/locking/rwsem-xadd.c:584
 rwsem_down_write_failed+0xe/0x10 kernel/locking/rwsem-xadd.c:613
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117
 __down_write arch/x86/include/asm/rwsem.h:142 [inline]
 down_write_nested+0xa9/0x130 kernel/locking/rwsem.c:195
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
 inode_lock_nested include/linux/fs.h:792 [inline]
 filename_create+0x1a8/0x5a0 fs/namei.c:3635
 user_path_create fs/namei.c:3693 [inline]
 do_mkdirat+0xcf/0x2f0 fs/namei.c:3831
 __do_sys_mkdir fs/namei.c:3855 [inline]
 __se_sys_mkdir fs/namei.c:3853 [inline]
 __x64_sys_mkdir+0x5c/0x80 fs/namei.c:3853
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458089
Code: Bad RIP value.
RSP: 002b:00007f143fb79c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000458089
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000300
RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f143fb7a6d4
R13: 00000000004bd807 R14: 00000000004d6d00 R15: 00000000ffffffff

Showing all locks held in the system:
3 locks held by kworker/u4:4/870:
 #0: 00000000c8ad4c7f (&rq->lock){-.-.}, at: idle_balance kernel/sched/fair.c:9933 [inline]
 #0: 00000000c8ad4c7f (&rq->lock){-.-.}, at: pick_next_task_fair+0x13e5/0x1c20 kernel/sched/fair.c:7016
 #1: 000000004d1efd49 (rcu_read_lock){....}, at: __update_idle_core+0xa8/0x5c0 kernel/sched/fair.c:6013
 #2: 00000000c8ad4c7f (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1149 [inline]
 #2: 00000000c8ad4c7f (&rq->lock){-.-.}, at: __schedule+0x21e/0x1e60 kernel/sched/core.c:3423
1 lock held by khungtaskd/1041:
 #0: 000000004d1efd49 (rcu_read_lock){....}, at: debug_show_all_locks+0xc6/0x41d kernel/locking/lockdep.c:4389
1 lock held by rsyslogd/7850:
 #0: 00000000c1c9c6a7 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1b3/0x1f0 fs/file.c:795
2 locks held by getty/7973:
 #0: 00000000c01359d3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 00000000de8140a2 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7974:
 #0: 00000000bdf84a7f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 00000000bc72db8b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7975:
 #0: 00000000be28d9eb (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 00000000522f97a4 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7976:
 #0: 0000000072e11c21 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 0000000037e22d28 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7977:
 #0: 000000005132c58e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 00000000e3cd2bc5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7978:
 #0: 00000000c715e1f0 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 0000000061aad8a1 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7979:
 #0: 0000000065085a7a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 00000000ae629963 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by syz-executor4/25903:
2 locks held by syz-executor4/25939:
 #0: 0000000064ba5052 (sb_writers#4){.+.+}, at: sb_start_write include/linux/fs.h:1602 [inline]
 #0: 0000000064ba5052 (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0 fs/namespace.c:357
 #1: 00000000cd436395 (&type->i_mutex_dir_key#3/1){+.+.}, at: inode_lock_nested include/linux/fs.h:792 [inline]
 #1: 00000000cd436395 (&type->i_mutex_dir_key#3/1){+.+.}, at: filename_create+0x1a8/0x5a0 fs/namei.c:3635

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1041 Comm: khungtaskd Not tainted 5.0.0-rc4+ #50
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1db/0x2d0 lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0xbbb/0x1170 kernel/hung_task.c:287
 kthread+0x357/0x430 kernel/kthread.c:246
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x2/0x10 arch/x86/include/asm/irqflags.h:57