INFO: task udevd:13092 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:udevd state:D stack:0 pid:13092 tgid:13092 ppid:3101 flags:0x0000000d Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_open+0x2c4/0xa84 block/bdev.c:897 blkdev_open+0x24c/0x37c block/fops.c:630 do_dentry_open+0x50c/0x1068 fs/open.c:959 vfs_open+0x5c/0x2fc fs/open.c:1089 do_open fs/namei.c:3727 [inline] path_openat+0x16dc/0x2380 fs/namei.c:3886 do_filp_open+0x16c/0x330 fs/namei.c:3913 do_sys_openat2+0x12c/0x160 fs/open.c:1416 do_sys_open fs/open.c:1431 [inline] __do_sys_openat fs/open.c:1447 [inline] __se_sys_openat fs/open.c:1442 [inline] __arm64_sys_openat+0x12c/0x1b8 fs/open.c:1442 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:49 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x50/0x180 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz.1.3658:13094 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.3658 state:D stack:0 pid:13094 tgid:13094 ppid:11348 flags:0x00000001 Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_release+0x104/0x510 block/bdev.c:1080 blkdev_release+0x14/0x24 block/fops.c:638 __fput+0x2c4/0x964 fs/file_table.c:422 ____fput+0x10/0x1c fs/file_table.c:450 task_work_run+0x128/0x210 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline] el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz.1.3658:13095 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.3658 state:D stack:0 pid:13095 tgid:13094 ppid:11348 flags:0x00000009 Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6678 __mutex_lock_common kernel/locking/mutex.c:684 [inline] __mutex_lock+0x4e8/0x840 kernel/locking/mutex.c:752 mutex_lock_nested+0x24/0x30 kernel/locking/mutex.c:804 bdev_release+0x104/0x510 block/bdev.c:1080 blkdev_release+0x14/0x24 block/fops.c:638 __fput+0x2c4/0x964 fs/file_table.c:422 ____fput+0x10/0x1c fs/file_table.c:450 task_work_run+0x128/0x210 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] do_notify_resume+0x1d4/0x25c arch/arm64/kernel/entry-common.c:151 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline] exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline] el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:713 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 INFO: task syz.1.3658:13096 blocked for more than 430 seconds. Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.3658 state:D stack:0 pid:13096 tgid:13094 ppid:11348 flags:0x0000000d Call trace: __switch_to+0x1c8/0x2a4 arch/arm64/kernel/process.c:553 context_switch kernel/sched/core.c:5188 [inline] __schedule+0xacc/0x2920 kernel/sched/core.c:6529 __schedule_loop kernel/sched/core.c:6606 [inline] schedule+0xd0/0x304 kernel/sched/core.c:6621 io_schedule+0xac/0x114 kernel/sched/core.c:7401 folio_wait_bit_common+0x2a8/0x6d0 mm/filemap.c:1307 folio_put_wait_locked mm/filemap.c:1471 [inline] do_read_cache_folio+0x204/0x42c mm/filemap.c:3771 read_cache_folio+0x44/0x6c mm/filemap.c:3821 read_mapping_folio include/linux/pagemap.h:913 [inline] read_part_sector+0xac/0x2b0 block/partitions/core.c:712 msdos_partition+0x100/0x1eb4 block/partitions/msdos.c:592 check_partition block/partitions/core.c:138 [inline] blk_add_partitions block/partitions/core.c:579 [inline] bdev_disk_changed+0x504/0xec0 block/partitions/core.c:683 blkdev_get_whole+0x144/0x1e4 block/bdev.c:700 bdev_open+0x1dc/0xa84 block/bdev.c:909 blkdev_open+0x24c/0x37c block/fops.c:630 do_dentry_open+0x50c/0x1068 fs/open.c:959 vfs_open+0x5c/0x2fc fs/open.c:1089 do_open fs/namei.c:3727 [inline] path_openat+0x16dc/0x2380 fs/namei.c:3886 do_filp_open+0x16c/0x330 fs/namei.c:3913 do_sys_openat2+0x12c/0x160 fs/open.c:1416 do_sys_open fs/open.c:1431 [inline] __do_sys_openat fs/open.c:1447 [inline] __se_sys_openat fs/open.c:1442 [inline] __arm64_sys_openat+0x12c/0x1b8 fs/open.c:1442 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x6c/0x258 arch/arm64/kernel/syscall.c:49 el0_svc_common.constprop.0+0xac/0x230 arch/arm64/kernel/syscall.c:132 do_el0_svc+0x40/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x50/0x180 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Showing all locks held in the system: 1 lock held by khungtaskd/31: #0: ffff800086c62ae0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x44/0x2d4 kernel/locking/lockdep.c:6620 2 locks held by kworker/u8:4/103: 2 locks held by getty/3220: #0: ffff000018f4a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 #1: ffff80008cc2b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x93c/0xe9c drivers/tty/n_tty.c:2211 2 locks held by sshd/3273: #0: ffff8000870a3ce0 (fill_pool_map-wait-type-override){+.+.}-{3:3}, at: fsnotify_grab_connector+0x0/0x1c0 fs/notify/mark.c:464 #1: ffff00001c8c4b80 (&sb->s_type->i_lock_key#24){+.+.}-{2:2}, at: debug_object_active_state+0x12c/0x2fc lib/debugobjects.c:937 3 locks held by kworker/0:3/12122: 1 lock held by udevd/13092: #0: ffff0000160174c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897 1 lock held by syz.1.3658/13094: #0: ffff0000160174c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080 1 lock held by syz.1.3658/13095: #0: ffff0000160174c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_release+0x104/0x510 block/bdev.c:1080 1 lock held by syz.1.3658/13096: #0: ffff0000160174c8 (&disk->open_mutex){+.+.}-{3:3}, at: bdev_open+0x2c4/0xa84 block/bdev.c:897 1 lock held by syz-executor/13583: 1 lock held by syz-executor/14318: 1 lock held by syz.1.4073/14546: #0: ffff00001eff00a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 2 locks held by syz.1.4073/14547: #0: ffff00001eff01c0 (&tty->legacy_mutex/1){+.+.}-{3:3}, at: tty_lock+0x48/0x90 drivers/tty/tty_mutex.c:18 #1: ffff00001eff00a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_write+0x3c/0x4c drivers/tty/tty_ldsem.c:366 1 lock held by syz.1.4073/14548: #0: ffff00001eff00a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340 ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:317 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:324 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0xa4/0xf4 lib/dump_stack.c:119 dump_stack+0x1c/0x28 lib/dump_stack.c:128 nmi_cpu_backtrace+0x1b0/0x274 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x25c/0x300 lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x18/0x24 arch/arm64/kernel/smp.c:926 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline] watchdog+0xa74/0xd40 kernel/hung_task.c:379 kthread+0x27c/0x300 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 103 Comm: kworker/u8:4 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 Hardware name: linux,dummy-virt (DT) Workqueue: events_power_efficient wg_ratelimiter_gc_entries pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : arch_local_irq_restore arch/arm64/include/asm/irqflags.h:197 [inline] pc : lock_acquire kernel/locking/lockdep.c:5762 [inline] pc : lock_acquire+0x4e0/0x7a4 kernel/locking/lockdep.c:5724 lr : lockdep_recursion_finish kernel/locking/lockdep.c:466 [inline] lr : lock_acquire kernel/locking/lockdep.c:5761 [inline] lr : lock_acquire+0x494/0x7a4 kernel/locking/lockdep.c:5724 sp : ffff80008d287980 x29: ffff80008d2879a0 x28: ffff8000851683e0 x27: 0000000000000000 x26: ffff8000823dcf58 x25: 0000000000000000 x24: ffff80008757b8b8 x23: 0000000000000001 x22: ffff7fffe35cf000 x21: ffff800086a10fc8 x20: ffff800086a10fc8 x19: 1ffff00011a50f44 x18: 00000000952c836d x17: 0000000000000000 x16: 0000000000000000 x15: ffff00000ff42880 x14: 1fffe00001fe850f x13: 1fffe00001fe851e x12: 0000000000000028 x11: 0000000000000000 x10: 1ffff0001106a5a1 x9 : 1ffff000111d5bcc x8 : 1774fb8d97c0a44c x7 : 00000000d952c836 x6 : ffff00000ff428d0 x5 : 000000000000057c x4 : 0000000000004412 x3 : 1fffe0000d3fbff9 x2 : 0000000000000000 x1 : 0000000000000003 x0 : 0000000000000000 Call trace: __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] lock_acquire kernel/locking/lockdep.c:5762 [inline] lock_acquire+0x4e0/0x7a4 kernel/locking/lockdep.c:5724 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x48/0x60 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] wg_ratelimiter_gc_entries+0xac/0x48c drivers/net/wireguard/ratelimiter.c:63 process_one_work+0x7a0/0x1868 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x72c/0xb4c kernel/workqueue.c:3389 kthread+0x27c/0x300 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860