INFO: task udevd:10411 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:udevd state:D stack:0 pid:10411 tgid:10411 ppid:3102 flags:0x00000005 Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_open+0x2c4/0xa84 block/bdev.c:897 blkdev_open+0x24c/0x37c block/fops.c:630 do_dentry_open+0x50c/0x1068 fs/open.c:959 vfs_open+0x5c/0x2fc fs/open.c:1089 do_open fs/namei.c:3727 [inline] path_openat+0x16dc/0x2380 fs/namei.c:3886 do_filp_open+0x16c/0x330 fs/namei.c:3913 do_sys_openat2+0x12c/0x160 fs/open.c:1416 do_sys_open fs/open.c:1431 [inline] __do_sys_openat fs/open.c:1447 [inline] __se_sys_openat fs/open.c:1442 [inline] __arm64_sys_openat+0x12c/0x1b8 fs/open.c:1442 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:49 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x50/0x180 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz.1.2664:10422 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.2664 state:D stack:0 pid:10422 tgid:10422 ppid:9894 flags:0x0000000d Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_release+0x104/0x510 block/bdev.c:1080 blkdev_release+0x14/0x24 block/fops.c:638 __fput+0x2c4/0x964 fs/file_table.c:422 ____fput+0x10/0x1c fs/file_table.c:450 task_work_run+0x128/0x210 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline] el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz.1.2664:10423 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.2664 state:D stack:0 pid:10423 tgid:10422 ppid:9894 flags:0x00000009 Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_release+0x104/0x510 block/bdev.c:1080 blkdev_release+0x14/0x24 block/fops.c:638 __fput+0x2c4/0x964 fs/file_table.c:422 ____fput+0x10/0x1c fs/file_table.c:450 task_work_run+0x128/0x210 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline] el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Showing all locks held in the system: 1 lock held by khungtaskd/31: #0: ffff800086c62ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x44/0x2d4 kernel/locking/lockdep.c:6620 2 locks held by kworker/u8:3/55: 3 locks held by syslogd/3087: 2 locks held by getty/3222: #0: ffff0000146e70a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 #1: ffff80008cc2b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x93c/0xe9c drivers/tty/n_tty.c:2211 3 locks held by syz-executor/3276: 3 locks held by kworker/0:3/9273: 1 lock held by udevd/10411: #0: ffff0000163444c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897 1 lock held by syz.1.2664/10422: #0: ffff0000163444c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080 1 lock held by syz.1.2664/10423: #0: ffff0000163444c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080 1 lock held by syz.1.2664/10424: #0: ffff0000163444c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897 2 locks held by syz.1.3228/12034: 2 locks held by syz.0.3229/12035: ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:319 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:326 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0xa4/0xf4 lib/dump_stack.c:119 dump_stack+0x1c/0x28 lib/dump_stack.c:128 nmi_cpu_backtrace+0x1b0/0x274 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x25c/0x300 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x18/0x24 arch/arm64/kernel/smp.c:926 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline] watchdog+0xa74/0xd40 kernel/hung_task.c:379 kthread+0x27c/0x300 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 3276 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 Hardware name: linux,dummy-virt (DT) pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : preempt_count+0x0/0x58 arch/arm64/include/asm/preempt.h:12 lr : check_preemption_disabled+0x30/0xe4 lib/smp_processor_id.c:16 sp : ffff8000a09f74d0 x29: ffff8000a09f74d0 x28: 0000000000000001 x27: dfff800000000000 x26: ffff8000a09f7880 x25: ffff8000a09f7b30 x24: 0000ffffb1eb6000 x23: ffff8000850bf910 x22: ffff8000854221a0 x21: ffff800085422160 x20: 0000000000000000 x19: ffff0000193cda00 x18: 000000003bbd0095 x17: 0000000000000000 x16: 0000000000000000 x15: ffff0000193ce480 x14: 1fffe00003279c8f x13: 1fffe00003279ca3 x12: 0000000000000028 x11: 0000000000000000 x10: 1ffff0001106a78c x9 : 1ffff000111cd5aa x8 : fb9d5ad7d6032859 x7 : 0000000053bbd009 x6 : ffff0000193ce4f8 x5 : 000000000000000a x4 : 00000000ea6c1aee x3 : 1fffe00003279b41 x2 : 0000000000000000 x1 : ffff800085422160 x0 : ffff8000854221a0 Call trace: preempt_count+0x0/0x58 arch/arm64/include/asm/memory.h:227 debug_smp_processor_id+0x20/0x2c lib/smp_processor_id.c:60 rcu_dynticks_curr_cpu_in_eqs include/linux/context_tracking.h:124 [inline] rcu_is_watching+0x80/0x174 kernel/rcu/tree.c:726 rcu_read_lock_held_common kernel/rcu/update.c:109 [inline] rcu_read_lock_held+0x2c/0x70 kernel/rcu/update.c:349 lookup_page_ext mm/page_ext.c:254 [inline] page_ext_get+0x10c/0x224 mm/page_ext.c:526 page_table_check_clear.part.0+0x54/0x2e0 mm/page_table_check.c:74 page_table_check_clear mm/page_table_check.c:70 [inline] __page_table_check_pte_clear+0x224/0x3f0 mm/page_table_check.c:169 page_table_check_pte_clear include/linux/page_table_check.h:49 [inline] __ptep_get_and_clear arch/arm64/include/asm/pgtable.h:1223 [inline] __clear_full_ptes arch/arm64/include/asm/pgtable.h:1232 [inline] clear_full_ptes arch/arm64/include/asm/pgtable.h:1628 [inline] zap_present_folio_ptes mm/memory.c:1506 [inline] zap_present_ptes mm/memory.c:1576 [inline] zap_pte_range mm/memory.c:1618 [inline] zap_pmd_range mm/memory.c:1736 [inline] zap_pud_range mm/memory.c:1765 [inline] zap_p4d_range mm/memory.c:1786 [inline] unmap_page_range+0xec4/0x22bc mm/memory.c:1807 unmap_single_vma.constprop.0+0xb4/0x188 mm/memory.c:1853 unmap_vmas+0x194/0x318 mm/memory.c:1897 exit_mmap+0x12c/0x94c mm/mmap.c:3412 __mmput+0xa8/0x340 kernel/fork.c:1345 mmput+0x88/0x98 kernel/fork.c:1367 exit_mm kernel/exit.c:571 [inline] do_exit+0x6d4/0x1fc4 kernel/exit.c:869 do_group_exit+0xa4/0x208 kernel/exit.c:1031 __do_sys_exit_group kernel/exit.c:1042 [inline] __se_sys_exit_group kernel/exit.c:1040 [inline] __arm64_sys_exit_group+0x3c/0x44 kernel/exit.c:1040 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:49 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x50/0x180 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598