INFO: task syz.2.6286:30623 blocked for more than 143 seconds.
Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.6286 state:D stack:23432 pid:30623 tgid:30617 ppid:30106 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5408 [inline]
__schedule+0xf15/0x5d00 kernel/sched/core.c:6745
__schedule_loop kernel/sched/core.c:6822 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6837
io_schedule+0xbf/0x130 kernel/sched/core.c:9043
folio_wait_bit_common+0x3d8/0x9b0 mm/filemap.c:1307
folio_put_wait_locked mm/filemap.c:1471 [inline]
do_read_cache_folio+0x2e2/0x540 mm/filemap.c:3770
read_mapping_folio include/linux/pagemap.h:906 [inline]
read_part_sector+0xd3/0x410 block/partitions/core.c:712
adfspart_check_POWERTEC+0x8f/0x710 block/partitions/acorn.c:454
check_partition block/partitions/core.c:138 [inline]
blk_add_partitions block/partitions/core.c:579 [inline]
bdev_disk_changed+0x71f/0x14f0 block/partitions/core.c:683
blkdev_get_whole+0x187/0x290 block/bdev.c:700
bdev_open+0x2c7/0xe50 block/bdev.c:909
blkdev_open+0x17b/0x1f0 block/fops.c:615
do_dentry_open+0x91f/0x15f0 fs/open.c:955
vfs_open+0x82/0x3f0 fs/open.c:1086
do_open fs/namei.c:3654 [inline]
path_openat+0x21fc/0x2e50 fs/namei.c:3813
do_filp_open+0x1dc/0x430 fs/namei.c:3840
do_sys_openat2+0x17a/0x1e0 fs/open.c:1413
do_sys_open fs/open.c:1428 [inline]
__do_sys_openat fs/open.c:1444 [inline]
__se_sys_openat fs/open.c:1439 [inline]
__x64_sys_openat+0x175/0x210 fs/open.c:1439
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f00ae174610
RSP: 002b:00007f00aee5fb80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f00ae174610
RDX: 0000000000000000 RSI: 00007f00aee5fc20 RDI: 00000000ffffff9c
RBP: 00007f00aee5fc20 R08: 0000000000000000 R09: 002364626e2f7665
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000000006e R14: 00007f00ae304038 R15: 00007fffcfa4ac08
INFO: task syz.2.6286:30624 blocked for more than 145 seconds.
Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.2.6286 state:D stack:27680 pid:30624 tgid:30617 ppid:30106 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5408 [inline]
__schedule+0xf15/0x5d00 kernel/sched/core.c:6745
__schedule_loop kernel/sched/core.c:6822 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6837
schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6894
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x5b8/0x9c0 kernel/locking/mutex.c:752
bdev_release+0x166/0x6f0 block/bdev.c:1080
blkdev_release+0x15/0x20 block/fops.c:623
__fput+0x408/0xbb0 fs/file_table.c:422
task_work_run+0x14e/0x250 kernel/task_work.c:180
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x275/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f00ae175bd9
RSP: 002b:00007f00adbff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: 0000000000000000 RBX: 00007f00ae304110 RCX: 00007f00ae175bd9
RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000007
RBP: 00007f00ae1e4e60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007f00ae304110 R15: 00007fffcfa4ac08
Showing all locks held in the system:
1 lock held by khungtaskd/30:
#0: ffffffff8dbb1620 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
#0: ffffffff8dbb1620 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline]
#0: ffffffff8dbb1620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 kernel/locking/lockdep.c:6614
3 locks held by kworker/u8:7/2445:
#0: ffff88802a921948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3223
#1: ffff8880b9328a08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2d9/0x900 kernel/sched/psi.c:988
#2: ffffffff8f748128 (rtnl_mutex){+.+.}-{3:3}, at: bond_netdev_notify_work+0x7d/0x2c0 drivers/net/bonding/bond_main.c:1750
2 locks held by getty/4845:
#0: ffff88802b4560a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc8/0x1490 drivers/tty/n_tty.c:2211
5 locks held by kworker/u8:19/19623:
#0: ffff8880162d3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1277/0x1b40 kernel/workqueue.c:3223
#1: ffffc90003ee7d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1b40 kernel/workqueue.c:3224
#2: ffffffff8f732e90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xbf0 net/core/net_namespace.c:594
#3: ffff888069a1d408 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x151/0x3d0 drivers/net/wireguard/device.c:249
#4: ffffffff8dbbcdb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:323
4 locks held by kworker/u8:20/19625:
3 locks held by kworker/u8:22/19630:
#0: ffff8880b923ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:567 [inline]
#0: ffff8880b923ebd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 kernel/sched/core.c:552
#1: ffff8880b9228a08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x20c/0x900 kernel/sched/psi.c:976
#2: ffff888051d18768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: wiphy_lock include/net/cfg80211.h:5966 [inline]
#2: ffff888051d18768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_wiphy_work+0x2b/0x330 net/wireless/core.c:424
1 lock held by syz.2.6286/30623:
#0: ffff8880209e74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x41a/0xe50 block/bdev.c:897
1 lock held by syz.2.6286/30624:
#0: ffff8880209e74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x166/0x6f0 block/bdev.c:1080
1 lock held by syz.1.6485/31344:
#0: ffffffff8dbbcc80 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x6c0 kernel/rcu/tree.c:4448
4 locks held by syz-executor/31347:
#0: ffff888029c74420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 fs/read_write.c:643
#1: ffff88804e6da088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 fs/kernfs/file.c:325
#2: ffff888019f34e18 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 fs/kernfs/file.c:326
#3: ffffffff8ed831a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x187/0x730 drivers/net/netdevsim/bus.c:166
6 locks held by syz-executor/31350:
#0: ffff888029c74420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12f/0x260 fs/read_write.c:643
#1: ffff88807a074488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x281/0x500 fs/kernfs/file.c:325
#2: ffff888019f34f08 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2a4/0x500 fs/kernfs/file.c:326
#3: ffffffff8ed831a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x4b0 drivers/net/netdevsim/bus.c:216
#4: ffff88806132b0e8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:1009 [inline]
#4: ffff88806132b0e8 (&dev->mutex){....}-{3:3}, at: __device_driver_lock drivers/base/dd.c:1093 [inline]
#4: ffff88806132b0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xa4/0x610 drivers/base/dd.c:1290
#5: ffff888061328250 (&devlink->lock_key#88){+.+.}-{3:3}, at: nsim_drv_remove+0x4a/0x1d0 drivers/net/netdevsim/dev.c:1672
1 lock held by syz-executor/31374:
#0: ffffffff8dbbcdb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x282/0x3b0 kernel/rcu/tree_exp.h:291
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114
nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
watchdog+0xf86/0x1240 kernel/hung_task.c:379
kthread+0x2c1/0x3a0 kernel/kthread.c:389
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 31350 Comm: syz-executor Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
RIP: 0010:check_wait_context kernel/locking/lockdep.c:4799 [inline]
RIP: 0010:__lock_acquire+0x5f9/0x3b30 kernel/locking/lockdep.c:5087
Code: 49 63 c6 48 8d 04 80 49 8d 7c c5 00 e8 a0 54 ff ff 48 8d b8 c4 00 00 00 48 89 f9 49 89 f8 48 c1 e9 03 41 83 e0 07 0f b6 0c 29 <44> 38 c1 7f 08 84 c9 0f 85 72 22 00 00 0f b6 88 c4 00 00 00 84 c9
RSP: 0018:ffffc9000332f3d8 EFLAGS: 00000002
RAX: ffffffff9427b288 RBX: ffff888020bcda00 RCX: 0000000000000000
RDX: fffffbfff284ca5f RSI: 0000000000000008 RDI: ffffffff9427b34c
RBP: dffffc0000000000 R08: 0000000000000004 R09: fffffbfff284ca5e
R10: ffffffff942652f7 R11: 0000000000000003 R12: ffffed1004179c9b
R13: ffff888020bce4e0 R14: 0000000000000000 R15: 0000000000000004
FS: 0000000000000000(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6be7288889 CR3: 000000004eeda000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
lock_acquire kernel/locking/lockdep.c:5754 [inline]
lock_acquire+0x1b1/0x560 kernel/locking/lockdep.c:5719
rcu_lock_acquire include/linux/rcupdate.h:329 [inline]
rcu_read_lock_sched include/linux/rcupdate.h:873 [inline]
pfn_valid include/linux/mmzone.h:2021 [inline]
page_table_check_clear mm/page_table_check.c:70 [inline]
__page_table_check_pte_clear+0x1c0/0x570 mm/page_table_check.c:169
page_table_check_pte_clear include/linux/page_table_check.h:49 [inline]
ptep_get_and_clear_full arch/x86/include/asm/pgtable.h:1279 [inline]
get_and_clear_full_ptes include/linux/pgtable.h:678 [inline]
zap_present_folio_ptes mm/memory.c:1481 [inline]
zap_present_ptes mm/memory.c:1564 [inline]
zap_pte_range mm/memory.c:1606 [inline]
zap_pmd_range mm/memory.c:1724 [inline]
zap_pud_range mm/memory.c:1753 [inline]
zap_p4d_range mm/memory.c:1774 [inline]
unmap_page_range+0x2479/0x3f20 mm/memory.c:1795
unmap_single_vma+0x194/0x2b0 mm/memory.c:1841
unmap_vmas+0x22f/0x490 mm/memory.c:1885
exit_mmap+0x1b8/0xb20 mm/mmap.c:3341
__mmput+0x12a/0x4d0 kernel/fork.c:1346
mmput+0x62/0x70 kernel/fork.c:1368
exit_mm kernel/exit.c:567 [inline]
do_exit+0x9b7/0x2ba0 kernel/exit.c:863
do_group_exit+0xd3/0x2a0 kernel/exit.c:1025
get_signal+0x2616/0x2710 kernel/signal.c:2909
arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:310
exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x14a/0x2a0 kernel/entry/common.c:218
do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f3d2677475f
Code: Unable to access opcode bytes at 0x7f3d26774735.
RSP: 002b:00007ffc3ed381f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00007f3d2677475f
RDX: 0000000000000001 RSI: 00007ffc3ed38240 RDI: 0000000000000005
RBP: 00007f3d267e45a0 R08: 0000000000000000 R09: 00007ffc3ed38047
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
R13: 00007ffc3ed38240 R14: 00007f3d27434620 R15: 0000000000000003