INFO: task syz-executor.0:10948 blocked for more than 143 seconds.
Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0 state:D stack:28128 pid:10948 tgid:10943 ppid:6471 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:5376 [inline]
__schedule+0xedb/0x5af0 kernel/sched/core.c:6688
__schedule_loop kernel/sched/core.c:6763 [inline]
schedule+0xe9/0x270 kernel/sched/core.c:6778
schedule_timeout+0x257/0x290 kernel/time/timer.c:2143
___down_common kernel/locking/semaphore.c:225 [inline]
__down_common+0x327/0x6d0 kernel/locking/semaphore.c:246
down+0x74/0xa0 kernel/locking/semaphore.c:63
console_lock+0x96/0x150 kernel/printk/printk.c:2640
do_con_write+0x145/0x7f40 drivers/tty/vt/vt.c:2862
con_put_char+0x74/0xa0 drivers/tty/vt/vt.c:3259
tty_put_char+0xbc/0x150 drivers/tty/tty_io.c:3144
do_output_char+0x151/0x830 drivers/tty/n_tty.c:469
process_output drivers/tty/n_tty.c:494 [inline]
n_tty_write+0x4c9/0x1130 drivers/tty/n_tty.c:2390
iterate_tty_write drivers/tty/tty_io.c:1021 [inline]
file_tty_write.constprop.0+0x519/0x9b0 drivers/tty/tty_io.c:1092
call_write_iter include/linux/fs.h:2020 [inline]
new_sync_write fs/read_write.c:491 [inline]
vfs_write+0x64f/0xdf0 fs/read_write.c:584
ksys_write+0x12f/0x250 fs/read_write.c:637
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7fc6c527cae9
RSP: 002b:00007fc6c5ef80c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fc6c539c050 RCX: 00007fc6c527cae9
RDX: 0000000000001006 RSI: 0000000020001080 RDI: 0000000000000003
RBP: 00007fc6c52c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007fc6c539c050 R15: 00007fc6c54bfa48
Showing all locks held in the system:
1 lock held by khungtaskd/29:
#0: ffffffff8cfabbe0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:301 [inline]
#0: ffffffff8cfabbe0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:747 [inline]
#0: ffffffff8cfabbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x75/0x340 kernel/locking/lockdep.c:6614
3 locks held by kworker/u4:3/48:
2 locks held by getty/4818:
#0: ffff88802675b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffffc900015f72f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfc6/0x1490 drivers/tty/n_tty.c:2201
1 lock held by syz-executor.5/6183:
6 locks held by syz-executor.4/10930:
4 locks held by syz-executor.5/10937:
#0: ffff88804739a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffff88804739a130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: tty_write_lock drivers/tty/tty_io.c:954 [inline]
#1: ffff88804739a130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: iterate_tty_write drivers/tty/tty_io.c:973 [inline]
#1: ffff88804739a130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 drivers/tty/tty_io.c:1092
#2: ffff88804739a2e8 (&tty->termios_rwsem){++++}-{3:3}, at: n_tty_write+0x1c8/0x1130 drivers/tty/n_tty.c:2362
#3: ffffc900381d7380 (&ldata->output_lock){+.+.}-{3:3}, at: process_output_block drivers/tty/n_tty.c:529 [inline]
#3: ffffc900381d7380 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0x539/0x1130 drivers/tty/n_tty.c:2379
4 locks held by syz-executor.0/10948:
#0: ffff888099f190a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
#1: ffff888099f19130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: tty_write_lock drivers/tty/tty_io.c:954 [inline]
#1: ffff888099f19130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: iterate_tty_write drivers/tty/tty_io.c:973 [inline]
#1: ffff888099f19130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 drivers/tty/tty_io.c:1092
#2: ffff888099f192e8 (&tty->termios_rwsem){++++}-{3:3}, at: n_tty_write+0x1c8/0x1130 drivers/tty/n_tty.c:2362
#3: ffffc9003ab25380 (&ldata->output_lock){+.+.}-{3:3}, at: process_output drivers/tty/n_tty.c:491 [inline]
#3: ffffc9003ab25380 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0x4b5/0x1130 drivers/tty/n_tty.c:2390
1 lock held by syz-executor.2/11018:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_release_struct+0xad/0xe0 drivers/tty/tty_io.c:1702
1 lock held by syz-executor.4/11179:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.3/11186:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.0/11194:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.5/11209:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.1/11218:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.2/11446:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.2/11457:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: ptmx_open drivers/tty/pty.c:823 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: ptmx_open+0xf2/0x350 drivers/tty/pty.c:790
1 lock held by syz-executor.3/11497:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.5/11509:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
1 lock held by syz-executor.0/11517:
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open_by_driver drivers/tty/tty_io.c:2048 [inline]
#0: ffffffff8db70ca8 (tty_mutex){+.+.}-{3:3}, at: tty_open+0x567/0x1010 drivers/tty/tty_io.c:2131
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106
nmi_cpu_backtrace+0x277/0x390 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x299/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline]
watchdog+0xf87/0x1210 kernel/hung_task.c:379
kthread+0x2c6/0x3a0 kernel/kthread.c:388
ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 6216 Comm: syz-executor.2 Not tainted 6.7.0-rc4-syzkaller-00009-gbee0e7762ad2 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
RIP: 0010:arch_atomic_try_cmpxchg arch/x86/include/asm/atomic.h:115 [inline]
RIP: 0010:raw_atomic_try_cmpxchg_acquire include/linux/atomic/atomic-arch-fallback.h:2164 [inline]
RIP: 0010:atomic_try_cmpxchg_acquire include/linux/atomic/atomic-instrumented.h:1296 [inline]
RIP: 0010:queued_spin_lock include/asm-generic/qspinlock.h:111 [inline]
RIP: 0010:do_raw_spin_lock+0x13f/0x2b0 kernel/locking/spinlock_debug.c:115
Code: 28 00 00 00 00 e8 a1 b6 75 00 be 04 00 00 00 48 8d 7c 24 28 e8 92 b6 75 00 8b 44 24 28 ba 01 00 00 00 89 44 24 04 f0 0f b1 13 <0f> 85 92 00 00 00 65 44 8b 35 ef 3b 9b 7e 48 b8 00 00 00 00 00 fc
RSP: 0018:ffffc9001fadfc78 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff88802fdf2480 RCX: ffffffff816880be
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc9001fadfca0
RBP: 1ffff92003f5bf90 R08: 0000000000000001 R09: fffff52003f5bf94
R10: 0000000000000003 R11: 0000000000000000 R12: ffff88802fdf2488
R13: ffff88802fdf2490 R14: 0000000000000000 R15: 7fffffffffffffff
FS: 00007fa5150fb6c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c001b32c00 CR3: 000000002b8b9000 CR4: 00000000003506f0
Call Trace:
spin_lock include/linux/spinlock.h:351 [inline]
io_cq_lock io_uring/io_uring.c:658 [inline]
__io_cqring_overflow_flush+0x14c/0x570 io_uring/io_uring.c:711
io_cqring_do_overflow_flush io_uring/io_uring.c:737 [inline]
io_cqring_wait io_uring/io_uring.c:2649 [inline]
__do_sys_io_uring_enter+0x1fcc/0x2690 io_uring/io_uring.c:3760
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x40/0x110 arch/x86/entry/common.c:82
entry_SYSCALL_64_after_hwframe+0x63/0x6b
RIP: 0033:0x7fa51447cae9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa5150fb0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
RAX: ffffffffffffffda RBX: 00007fa51459bf80 RCX: 00007fa51447cae9
RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fa5144c847a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fa51459bf80 R15: 00007fa5146bfa48