INFO: task syz-executor.1:19726 blocked for more than 143 seconds.
      Not tainted 5.6.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D28384 19726 7308 0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3378 [inline]
 __schedule+0x805/0xc90 kernel/sched/core.c:4094
 schedule+0x188/0x220 kernel/sched/core.c:4168
 io_schedule+0x86/0xf0 kernel/sched/core.c:5811
 wait_on_page_bit_common+0x8c8/0xdc0 mm/filemap.c:1153
 trace_mm_filemap_add_to_page_cache+0x280/0x280 include/trace/events/filemap.h:52
 lock_page include/linux/pagemap.h:480 [inline]
 truncate_inode_pages_range+0x11dd/0x18c0 mm/truncate.c:446
 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:110 [inline]
 hlock_class kernel/locking/lockdep.c:179 [inline]
 mark_lock+0x102/0x1b00 kernel/locking/lockdep.c:3912
 llist_add_batch+0x9b/0xb0 lib/llist.c:35
 paravirt_write_msr arch/x86/include/asm/paravirt.h:167 [inline]
 wrmsrl arch/x86/include/asm/paravirt.h:200 [inline]
 native_x2apic_icr_write arch/x86/include/asm/apic.h:249 [inline]
 __x2apic_send_IPI_dest arch/x86/kernel/apic/x2apic_phys.c:112 [inline]
 x2apic_send_IPI+0x96/0xc0 arch/x86/kernel/apic/x2apic_phys.c:41
 arch_send_call_function_single_ipi arch/x86/include/asm/smp.h:122 [inline]
 generic_exec_single+0x309/0x3e0 kernel/smp.c:180
 smp_call_function_single+0x33f/0x430 kernel/smp.c:313
 smp_call_function_many_cond+0x701/0x990 kernel/smp.c:446
 mark_held_locks kernel/locking/lockdep.c:3628 [inline]
 __trace_hardirqs_on_caller kernel/locking/lockdep.c:3657 [inline]
 lockdep_hardirqs_on+0x4a4/0x8a0 kernel/locking/lockdep.c:3702
 on_each_cpu_cond_mask+0x19c/0x240 kernel/smp.c:701
 has_bh_in_lru+0x2e0/0x2e0 fs/buffer.c:1421
 kill_bdev fs/block_dev.c:86 [inline]
 set_blocksize+0x329/0x3b0 fs/block_dev.c:136
 sb_set_blocksize+0x45/0xe0 fs/block_dev.c:145
 f2fs_fill_super+0x302/0x94d0 fs/f2fs/super.c:3320
 widen_string+0x3a/0x350 lib/vsprintf.c:583
 string_nocheck lib/vsprintf.c:608 [inline]
 string+0x280/0x2c0 lib/vsprintf.c:689
 bdev_name+0x298/0x3b0 lib/vsprintf.c:932
 pointer+0x23f/0x7c0 lib/vsprintf.c:2238
 snprintf+0x6f/0x90 lib/vsprintf.c:2707
 mount_bdev+0x232/0x340 fs/super.c:1417
 kill_f2fs_super+0x2b0/0x2b0 fs/f2fs/f2fs.h:1722
 legacy_get_tree+0xea/0x180 fs/fs_context.c:622
 trace_raw_output_f2fs_zip_end+0x1c0/0x1c0 include/trace/events/f2fs.h:1751
 vfs_get_tree+0x88/0x270 fs/super.c:1547
 do_new_mount fs/namespace.c:2822 [inline]
 do_mount+0x17d5/0x2440 fs/namespace.c:3107
 __do_sys_mount fs/namespace.c:3316 [inline]
 __se_sys_mount+0xd3/0x100 fs/namespace.c:3293
 do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x49/0xb3
INFO: task syz-executor.1:19746 blocked for more than 143 seconds.
      Not tainted 5.6.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D28384 19746 7308 0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3378 [inline]
 __schedule+0x805/0xc90 kernel/sched/core.c:4094
 schedule+0x188/0x220 kernel/sched/core.c:4168
 rwsem_down_write_slowpath+0x7d0/0xd60 kernel/locking/rwsem.c:1235
 __down_write kernel/locking/rwsem.c:1389 [inline]
 down_write+0x125/0x130 kernel/locking/rwsem.c:1532
 grab_super+0x67/0x2c0 fs/super.c:389
 mount_bdev+0x340/0x340 include/linux/blkdev.h:1486
 sget+0x1bd/0x4e0 fs/super.c:605
 test_bdev_super+0x40/0x40 fs/super.c:1360
 mount_bdev+0xe5/0x340 fs/super.c:1390
 kill_f2fs_super+0x2b0/0x2b0 fs/f2fs/f2fs.h:1722
 legacy_get_tree+0xea/0x180 fs/fs_context.c:622
 trace_raw_output_f2fs_zip_end+0x1c0/0x1c0 include/trace/events/f2fs.h:1751
 vfs_get_tree+0x88/0x270 fs/super.c:1547
 do_new_mount fs/namespace.c:2822 [inline]
 do_mount+0x17d5/0x2440 fs/namespace.c:3107
 __do_sys_mount fs/namespace.c:3316 [inline]
 __se_sys_mount+0xd3/0x100 fs/namespace.c:3293
 do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x49/0xb3

Showing all locks held in the system:
1 lock held by khungtaskd/1136:
 #0: ffffffff892e6710 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 lib/xarray.c:75
1 lock held by in:imklog/6864:
 #0: ffff88809c4b85f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x25d/0x2f0 fs/file.c:826
2 locks held by agetty/6868:
 #0: ffff888091c0e098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 drivers/tty/tty_ldisc.c:267
 #1: ffffc90000f402e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x260/0x1bc0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.1/19726:
 #0: ffff8880a7c440e0 (&type->s_umount_key#62/1){+.+.}-{3:3}, at: alloc_super+0x1b4/0x870 fs/super.c:229
2 locks held by syz-executor.1/19746:
 #0: ffff888089eb0450 (&bdev->bd_fsfreeze_mutex){+.+.}-{3:3}, at: mount_bdev+0x85/0x340 fs/super.c:1384
 #1: ffff8880a7c440e0 (&type->s_umount_key#63){+.+.}-{3:3}, at: grab_super+0x67/0x2c0 fs/super.c:389

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1136 Comm: khungtaskd Not tainted 5.6.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 nmi_cpu_backtrace+0x9f/0x180 lib/nmi_backtrace.c:101
 arch_trigger_cpumask_backtrace+0x10/0x10 arch/x86/kernel/apic/hw_nmi.c:38
 nmi_trigger_cpumask_backtrace+0x16a/0x280 lib/nmi_backtrace.c:62
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0xd2a/0xd40 kernel/hung_task.c:289
 kthread+0x353/0x380 kernel/kthread.c:268
 hungtask_pm_notify+0x50/0x50 kernel/hung_task.c:265
 kthread_blkcg+0xd0/0xd0 kernel/kthread.c:1247
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4283 Comm: systemd-journal Not tainted 5.6.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:link_path_walk+0x535/0x1170 fs/namei.c:2215
Code: c1 e8 03 42 80 3c 30 00 74 08 48 89 ef e8 93 7f f2 ff 4c 89 7d 00 48 8b ac 24 80 00 00 00 48 89 e8 48 c1 e8 03 42 80 3c 30 00 <74> 08 48 89 ef e8 71 7f f2 ff 4d 89 e5 4c 89 65 00 48 8b 6c 24 38
RSP: 0018:ffffc90001637c10 EFLAGS: 00000246
RAX: 1ffff920002c6fb3 RBX: ffffc90001637d90 RCX: ffff8880a8f00340
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90001637d98 R08: ffffffff81bf88b7 R09: ffffc90001637b78
R10: fffff520002c6f73 R11: 0000000000000000 R12: ffff88809312eea1
R13: ffff88809312eea1 R14: dffffc0000000000 R15: 00000003f53b76d7
FS: 00007ff186f3e8c0(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff1844ad000 CR3: 00000000931e3000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 path_lookupat+0x59/0x680 fs/namei.c:2435
 pv_queued_spin_unlock arch/x86/include/asm/paravirt.h:650 [inline]
 queued_spin_unlock arch/x86/include/asm/qspinlock.h:55 [inline]
 do_raw_spin_unlock+0x134/0x8d0 kernel/locking/spinlock_debug.c:139
 check_preemption_disabled+0x40/0x240 lib/smp_processor_id.c:16
 filename_lookup+0x1b0/0x5d0 fs/namei.c:2466
 audit_dummy_context include/linux/audit.h:296 [inline]
 audit_getname include/linux/audit.h:327 [inline]
 getname_flags+0x20d/0x610 fs/namei.c:202
 user_path_at include/linux/namei.h:58 [inline]
 do_faccessat+0x2ca/0x780 fs/open.c:398
 do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x49/0xb3
RIP: 0033:0x7ff1861fa9c7
Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48
RSP: 002b:00007ffefbd0a2b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
RAX: ffffffffffffffda RBX: 00007ffefbd0d2e0 RCX: 00007ff1861fa9c7
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000563f7b02d9a3
RBP: 00007ffefbd0a400 R08: 0000563f7b0233e5 R09: 0000000000000018
R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000563f7c7fc8a0 R15: 00007ffefbd0a8f0