INFO: task udevd:8471 blocked for more than 430 seconds.
Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd state:D stack:0 pid:8471 tgid:8471 ppid:3105 flags:0x00000005
Call trace:
__switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xacc/0x2920 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xd0/0x304 kernel/sched/core.c:6621
schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752
mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804
bdev_open+0x2c4/0xa84 block/bdev.c:897
blkdev_open+0x24c/0x37c block/fops.c:630
do_dentry_open+0x50c/0x1068 fs/open.c:959
vfs_open+0x5c/0x2fc fs/open.c:1089
do_open fs/namei.c:3727 [inline]
path_openat+0x16dc/0x2380 fs/namei.c:3886
do_filp_open+0x16c/0x330 fs/namei.c:3913
do_sys_openat2+0x12c/0x160 fs/open.c:1416
do_sys_open fs/open.c:1431 [inline]
__do_sys_openat fs/open.c:1447 [inline]
__se_sys_openat fs/open.c:1442 [inline]
__arm64_sys_openat+0x12c/0x1b8 fs/open.c:1442
__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:49
el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:132
do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:151
el0_svc+0x50/0x180 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz.1.1983:8495 blocked for more than 430 seconds.
Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1983 state:D stack:0 pid:8495 tgid:8495 ppid:3285 flags:0x00000001
Call trace:
__switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xacc/0x2920 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xd0/0x304 kernel/sched/core.c:6621
schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752
mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804
bdev_release+0x104/0x510 block/bdev.c:1080
blkdev_release+0x14/0x24 block/fops.c:638
__fput+0x2c4/0x964 fs/file_table.c:422
____fput+0x10/0x1c fs/file_table.c:450
task_work_run+0x128/0x210 kernel/task_work.c:228
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151
exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713
el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
INFO: task syz.1.1983:8496 blocked for more than 430 seconds.
Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.1.1983 state:D stack:0 pid:8496 tgid:8495 ppid:3285 flags:0x00000009
Call trace:
__switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553
context_switch kernel/sched/core.c:5188 [inline]
__schedule+0xacc/0x2920 kernel/sched/core.c:6529
__schedule_loop kernel/sched/core.c:6606 [inline]
schedule+0xd0/0x304 kernel/sched/core.c:6621
schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678
__mutex_lock_common kernel/locking/mutex.c:684 [inline]
__mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752
mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804
bdev_release+0x104/0x510 block/bdev.c:1080
blkdev_release+0x14/0x24 block/fops.c:638
__fput+0x2c4/0x964 fs/file_table.c:422
____fput+0x10/0x1c fs/file_table.c:450
task_work_run+0x128/0x210 kernel/task_work.c:228
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151
exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713
el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Showing all locks held in the system:
no locks held by rcu_preempt/16.
1 lock held by khungtaskd/31:
#0: ffff800086c62ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x44/0x2d4 kernel/locking/lockdep.c:6620
2 locks held by kworker/u8:12/2095:
1 lock held by syslogd/3090:
2 locks held by getty/3224:
#0: ffff000019ca20a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
#1: ffff80008cc2b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x93c/0xe9c drivers/tty/n_tty.c:2211
3 locks held by syz-executor/3282:
1 lock held by udevd/8471:
#0: ffff0000161a74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897
1 lock held by syz.1.1983/8495:
#0: ffff0000161a74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080
1 lock held by syz.1.1983/8496:
#0: ffff0000161a74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080
1 lock held by syz.1.1983/8499:
#0: ffff0000161a74c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897
2 locks held by syz-executor/8813:
1 lock held by syz.0.2561/10151:
2 locks held by syz.1.2562/10155:
1 lock held by syz.1.2562/10156:
#0: ffff000018422718 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1607 [inline]
#0: ffff000018422718 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock net/core/sock.c:1061 [inline]
#0: ffff000018422718 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x58/0x74 net/core/sock.c:1052
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
Hardware name: linux,dummy-virt (DT)
Call trace:
dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:319
show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:326
__dump_stack lib/dump_stack.c:93 [inline]
dump_stack_lvl+0xa4/0xf4 lib/dump_stack.c:119
dump_stack+0x1c/0x28 lib/dump_stack.c:128
nmi_cpu_backtrace+0x1b0/0x274 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x25c/0x300 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x18/0x24 arch/arm64/kernel/smp.c:926
trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]
watchdog+0xa74/0xd40 kernel/hung_task.c:379
kthread+0x27c/0x300 kernel/kthread.c:389
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3277 Comm: sshd Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0
Hardware name: linux,dummy-virt (DT)
pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:292 [inline]
pc : flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:301 [inline]
pc : flush_tlb_page arch/arm64/include/asm/tlbflush.h:307 [inline]
pc : __ptep_set_access_flags+0x1bc/0x254 arch/arm64/mm/fault.c:243
lr : instrument_atomic_read include/linux/instrumented.h:68 [inline]
lr : atomic64_read include/linux/atomic/atomic-instrumented.h:1610 [inline]
lr : __flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:291 [inline]
lr : flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:301 [inline]
lr : flush_tlb_page arch/arm64/include/asm/tlbflush.h:307 [inline]
lr : __ptep_set_access_flags+0x198/0x254 arch/arm64/mm/fault.c:243
sp : ffff8000a0697900
x29: ffff8000a0697900 x28: fffffdffc0788b80 x27: fffffdffc0788b80
x26: 00e000005e22efc3 x25: ffff00001d80bf50 x24: 0000ffffa07ea000
x23: ffff00001b1007c0 x22: 0000000ffffa07ea x21: 1ffff000140d2f2a
x20: ffff000014899df0 x19: ffff000014899800 x18: 00000000ee3399ee
x17: 0000000000000000 x16: 0000000000000000 x15: ffff000016afc680
x14: 1fffe00002d5f8cf x13: 1fffe00002d5f8de x12: ffff6000029133bf
x11: 1fffe000029133be x10: ffff6000029133be x9 : dfff800000000000
x8 : ffff000014899df7 x7 : 0000000000000001 x6 : ffff6000029133be
x5 : ffff000014899df0 x4 : ffff6000029133bf x3 : ffff80008005b898
x2 : 0000000000000000
x1 : 1fffe000029133be x0 : 0246000ffffa07ea
Call trace:
__flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:292 [inline]
flush_tlb_page_nosync arch/arm64/include/asm/tlbflush.h:301 [inline]
flush_tlb_page arch/arm64/include/asm/tlbflush.h:307 [inline]
__ptep_set_access_flags+0x1bc/0x254 arch/arm64/mm/fault.c:243
ptep_set_access_flags arch/arm64/include/asm/pgtable.h:1724 [inline]
wp_page_reuse+0x1a4/0x56c mm/memory.c:3240
do_wp_page+0x4cc/0x2d84 mm/memory.c:3713
handle_pte_fault mm/memory.c:5537 [inline]
__handle_mm_fault+0x7d0/0x1c18 mm/memory.c:5664
handle_mm_fault+0x330/0x6b8 mm/memory.c:5832
do_page_fault+0x1c0/0xb34 arch/arm64/mm/fault.c:578
do_mem_abort+0x68/0x1a4 arch/arm64/mm/fault.c:826
el0_da+0x5c/0x174 arch/arm64/kernel/entry-common.c:580
el0t_64_sync_handler+0xb8/0x12c arch/arm64/kernel/entry-common.c:733
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598