INFO: task syz-executor.1:6111 blocked for more than 430 seconds.
Not tainted 6.9.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.1 state:D stack:0 pid:6111 tgid:6111 ppid:3020 flags:0x00000005
Call trace:
[<818f6e98>] (__schedule) from [<818f7a9c>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f6e98>] (__schedule) from [<818f7a9c>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
r10:dfaeded4 r9:00000002 r8:dfaede84 r7:836f5400 r6:dfaedecc r5:00000000 r4:836f5400
[<818f7a70>] (schedule) from [<818ff094>] (schedule_timeout+0xe4/0x114 kernel/time/timer.c:2557)
r5:00000000 r4:7fffffff
[<818fefb0>] (schedule_timeout) from [<818f89f0>] (do_wait_for_common kernel/sched/completion.c:95 [inline])
[<818fefb0>] (schedule_timeout) from [<818f89f0>] (__wait_for_common kernel/sched/completion.c:116 [inline])
[<818fefb0>] (schedule_timeout) from [<818f89f0>] (wait_for_common kernel/sched/completion.c:127 [inline])
[<818fefb0>] (schedule_timeout) from [<818f89f0>] (wait_for_completion+0x6c/0x144 kernel/sched/completion.c:148)
r7:836f5400 r6:dfaedecc r5:dfaeded0 r4:7fffffff
[<818f8984>] (wait_for_completion) from [<81239ea0>] (__vhost_worker_flush+0xd8/0x104 drivers/vhost/vhost.c:288)
r10:00000006 r9:85064000 r8:85064a70 r7:00000000 r6:85060058 r5:83775cc8 r4:83775cc8
[<81239dc8>] (__vhost_worker_flush) from [<81239f24>] (vhost_worker_flush drivers/vhost/vhost.c:295 [inline])
[<81239dc8>] (__vhost_worker_flush) from [<81239f24>] (vhost_dev_flush+0x58/0xa0 drivers/vhost/vhost.c:305)
r4:83775cc0
[<81239ecc>] (vhost_dev_flush) from [<81232a2c>] (vhost_vsock_flush drivers/vhost/vsock.c:694 [inline])
[<81239ecc>] (vhost_dev_flush) from [<81232a2c>] (vhost_vsock_dev_release+0xc8/0x15c drivers/vhost/vsock.c:746)
r6:85060000 r5:85062568 r4:85060004
[<81232964>] (vhost_vsock_dev_release) from [<805033c0>] (__fput+0xd4/0x2dc fs/file_table.c:422)
r9:836f5400 r8:844f70d0 r7:8383a058 r6:8301c1b0 r5:000e001f r4:845cf780
[<805032ec>] (__fput) from [<80503684>] (__fput_sync+0x3c/0x40 fs/file_table.c:507)
r9:836f5400 r8:8020029c r7:00000006 r6:00000000 r5:845cf780 r4:00000000
[<80503648>] (__fput_sync) from [<804fea48>] (__do_sys_close fs/open.c:1555 [inline])
[<80503648>] (__fput_sync) from [<804fea48>] (sys_close+0x30/0x64 fs/open.c:1540)
[<804fea18>] (sys_close) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67)
Exception stack(0xdfaedfa8 to 0xdfaedff0)
dfa0: 00000006 00000000 00000006 00000002 00000000 00000000
dfc0: 00000006 00000000 00000000 00000006 0014d490 00140000 00140000 0014d490
dfe0: 30a20000 7edb23e0 00091468 0004ff6c
r5:00000000 r4:00000006
NMI backtrace for cpu 0
CPU: 0 PID: 32 Comm: khungtaskd Not tainted 6.9.0-syzkaller #0
Hardware name: ARM-Versatile Express
Call trace:
[<818d5778>] (dump_backtrace) from [<818d5874>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257)
r7:00000000 r6:00000013 r5:60000093 r4:81fe15a0
[<818d585c>] (show_stack) from [<818f2ea0>] (__dump_stack lib/dump_stack.c:88 [inline])
[<818d585c>] (show_stack) from [<818f2ea0>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114)
[<818f2e30>] (dump_stack_lvl) from [<818f2ec4>] (dump_stack+0x18/0x1c lib/dump_stack.c:123)
r5:00000000 r4:00000001
[<818f2eac>] (dump_stack) from [<818c2a74>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113)
[<818c2914>] (nmi_cpu_backtrace) from [<818c2bc0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62)
r7:00000000 r6:8260c5d0 r5:8261a7cc r4:ffffffff
[<818c2a90>] (nmi_trigger_cpumask_backtrace) from [<802103c8>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851)
r9:827e5d67 r8:828a51a0 r7:8260c734 r6:00007f40 r5:8261ad88 r4:82f92c1c
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352728>] (trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352728>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352728>] (watchdog+0x48c/0x59c kernel/hung_task.c:379)
[<8035229c>] (watchdog) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
r10:00000000 r9:df819e58 r8:82e9b400 r7:00000000 r6:8035229c r5:82ee8c00 r4:82f44340
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf8e1fb0 to 0xdf8e1ff8)
1fa0: 00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82f44340
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 3012 Comm: syz-fuzzer Not tainted 6.9.0-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at rcu_read_unlock include/linux/rcupdate.h:814 [inline]
PC is at __lruvec_stat_mod_folio+0x9c/0x124 mm/memcontrol.c:1072
LR is at 0x0
pc : [<804e3c54>] lr : [<00000000>] psr: 60000113
sp : df9a5be0 ip : df9a5b70 fp : df9a5bfc
r10: 821ca000 r9 : 00e00000 r8 : fb053f5f
r7 : 844b5960 r6 : ffffffff r5 : 00000011 r4 : def45bac
r3 : 00000000 r2 : 00000001 r1 : 00000036 r0 : 00000001
Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 30c5387d Table: 842eb700 DAC: 00000000
Call trace:
[<804e3bb8>] (__lruvec_stat_mod_folio) from [<8049fd40>] (__folio_remove_rmap mm/rmap.c:1556 [inline])
[<804e3bb8>] (__lruvec_stat_mod_folio) from [<8049fd40>] (folio_remove_rmap_ptes+0x24c/0x250 mm/rmap.c:1595)
r7:844b5960 r6:def45bac r5:00000001 r4:def45bac
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_present_folio_ptes mm/memory.c:1505 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_present_ptes mm/memory.c:1570 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_pte_range mm/memory.c:1612 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_pmd_range mm/memory.c:1730 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_pud_range mm/memory.c:1759 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (zap_p4d_range mm/memory.c:1780 [inline])
[<8049faf4>] (folio_remove_rmap_ptes) from [<8048499c>] (unmap_page_range+0x8a0/0xf2c mm/memory.c:1801)
r7:ffedcc20 r6:02b85000 r5:def45bac r4:0000007c
[<804840fc>] (unmap_page_range) from [<80485114>] (unmap_single_vma mm/memory.c:1847 [inline])
[<804840fc>] (unmap_page_range) from [<80485114>] (unmap_vmas+0xec/0x158 mm/memory.c:1891)
r10:00000000 r9:00000406 r8:df9a5dc0 r7:fffffffe r6:ffffffff r5:02400000 r4:844b5960
[<80485028>] (unmap_vmas) from [<80494c4c>] (exit_mmap+0xe8/0x4f0 mm/mmap.c:3341)
r10:838e5f80 r9:00000000 r8:840df078 r7:84110880 r6:00000000 r5:840df000 r4:844b5120
[<80494b64>] (exit_mmap) from [<8023f4cc>] (__mmput+0x3c/0x120 kernel/fork.c:1346)
r10:838e5f80 r9:00000000 r8:df9a5e90 r7:84110880 r6:840df078 r5:840df000 r4:840df000
[<8023f490>] (__mmput) from [<8023f5ec>] (mmput+0x3c/0x40 kernel/fork.c:1368)
r5:840df000 r4:84110000
[<8023f5b0>] (mmput) from [<8024a6b4>] (exit_mm kernel/exit.c:565 [inline])
[<8023f5b0>] (mmput) from [<8024a6b4>] (do_exit+0x2b0/0xa98 kernel/exit.c:861)
[<8024a404>] (do_exit) from [<8024b060>] (do_group_exit+0x40/0x8c kernel/exit.c:1023)
r7:400004d8
[<8024b020>] (do_group_exit) from [<8025b034>] (get_signal+0xa18/0xa3c kernel/signal.c:2909)
r7:400004d8 r4:84110000
[<8025a61c>] (get_signal) from [<8020bbb8>] (do_signal arch/arm/kernel/signal.c:578 [inline])
[<8025a61c>] (get_signal) from [<8020bbb8>] (do_work_pending+0x248/0x4f8 arch/arm/kernel/signal.c:618)
r10:00000118 r9:fffffe00 r8:0001664c r7:00016650 r6:00000001 r5:df9a5fb0 r4:84110000
[<8020b970>] (do_work_pending) from [<80200088>] (slow_work_pending+0xc/0x24)
Exception stack(0xdf9a5fb0 to 0xdf9a5ff8)
5fa0: 00000001 00001b53 0289d66c 01000004
5fc0: 00000000 00000000 02c0ed48 00000118 00000007 0000007a 02c0ed00 00000007
5fe0: 00000002 0289d5dc 00016614 0001664c 60000010 00000001
r10:00000118 r9:84110000 r8:8020029c r7:00000118 r6:02c0ed48 r5:00000000 r4:00000000