INFO: task syz.0.2107:16420 blocked for more than 433 seconds. Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.0.2107 state:D stack:0 pid:16420 tgid:16420 ppid:15185 flags:0x00000000 Call Trace: [] context_switch kernel/sched/core.c:5369 [inline] [] __schedule+0xdaa/0x393a kernel/sched/core.c:6756 [] __schedule_loop kernel/sched/core.c:6833 [inline] [] schedule+0xc4/0x324 kernel/sched/core.c:6848 [] schedule_preempt_disabled+0x16/0x28 kernel/sched/core.c:6905 [] rwsem_down_read_slowpath+0x56a/0x91e kernel/locking/rwsem.c:1084 [] __down_read_common kernel/locking/rwsem.c:1248 [inline] [] __down_read kernel/locking/rwsem.c:1261 [inline] [] down_read+0xe4/0x45e kernel/locking/rwsem.c:1526 [] mmap_read_lock include/linux/mmap_lock.h:144 [inline] [] exit_mm kernel/exit.c:546 [inline] [] do_exit+0x810/0x296e kernel/exit.c:925 [] do_group_exit+0xd4/0x26c kernel/exit.c:1087 [] __do_sys_exit_group kernel/exit.c:1098 [inline] [] __se_sys_exit_group kernel/exit.c:1096 [inline] [] __riscv_sys_exit_group+0x4a/0x54 kernel/exit.c:1096 [] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 [] do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 [] _new_vmalloc_restore_context_a0+0xc2/0xce INFO: task syz.0.2107:16424 blocked for more than 433 seconds. Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.0.2107 state:D stack:0 pid:16424 tgid:16420 ppid:15185 flags:0x0000000c Call Trace: [] context_switch kernel/sched/core.c:5369 [inline] [] __schedule+0xdaa/0x393a kernel/sched/core.c:6756 [] __schedule_loop kernel/sched/core.c:6833 [inline] [] schedule+0xc4/0x324 kernel/sched/core.c:6848 [] schedule_preempt_disabled+0x16/0x28 kernel/sched/core.c:6905 [] rwsem_down_write_slowpath+0x4de/0xe48 kernel/locking/rwsem.c:1176 [] __down_write_common kernel/locking/rwsem.c:1304 [inline] [] __down_write kernel/locking/rwsem.c:1313 [inline] [] down_write+0x17e/0x19a kernel/locking/rwsem.c:1578 [] mmap_write_lock include/linux/mmap_lock.h:106 [inline] [] do_mbind+0x254/0xe78 mm/mempolicy.c:1315 [] kernel_mbind mm/mempolicy.c:1537 [inline] [] __do_sys_mbind mm/mempolicy.c:1611 [inline] [] __se_sys_mbind mm/mempolicy.c:1607 [inline] [] __riscv_sys_mbind+0x324/0x392 mm/mempolicy.c:1607 [] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 [] do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 [] _new_vmalloc_restore_context_a0+0xc2/0xce Showing all locks held in the system: 1 lock held by khungtaskd/39: #0: ffffffff881d0c40 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x68/0x2e6 kernel/locking/lockdep.c:6740 1 lock held by syslogd/2973: 2 locks held by getty/3124: #0: ff6000001d7500a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x46 drivers/tty/tty_ldsem.c:340 #1: ff2000000008b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xd7c/0x129a drivers/tty/n_tty.c:2211 2 locks held by syz-executor/3153: 3 locks held by kworker/u9:8/13670: 2 locks held by kworker/u8:2/15043: 3 locks held by kworker/0:4/16023: 3 locks held by kworker/u9:2/16068: 3 locks held by kworker/u9:9/16110: 3 locks held by kworker/u9:12/16118: 1 lock held by syz.0.2107/16420: #0: ff60000018795090 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_lock include/linux/mmap_lock.h:144 [inline] #0: ff60000018795090 (&mm->mmap_lock){++++}-{4:4}, at: exit_mm kernel/exit.c:546 [inline] #0: ff60000018795090 (&mm->mmap_lock){++++}-{4:4}, at: do_exit+0x810/0x296e kernel/exit.c:925 2 locks held by syz.0.2107/16423: 1 lock held by syz.0.2107/16424: #0: ff60000018795090 (&mm->mmap_lock){++++}-{4:4}, at: mmap_write_lock include/linux/mmap_lock.h:106 [inline] #0: ff60000018795090 (&mm->mmap_lock){++++}-{4:4}, at: do_mbind+0x254/0xe78 mm/mempolicy.c:1315 1 lock held by syz-executor/16440: 2 locks held by kworker/1:4/16478: 3 locks held by kworker/u8:0/16480: 3 locks held by kworker/u10:13/16693: 1 lock held by kworker/u8:1/16840: #0: ff6000005cdd3a58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:598 [inline] #0: ff6000005cdd3a58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1514 [inline] #0: ff6000005cdd3a58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1813 [inline] #0: ff6000005cdd3a58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x278/0x393a kernel/sched/core.c:6680 3 locks held by dhcpcd-run-hook/16972: ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:130 [] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:136 [] __dump_stack lib/dump_stack.c:94 [inline] [] dump_stack_lvl+0x12e/0x1a6 lib/dump_stack.c:120 [] dump_stack+0x1c/0x24 lib/dump_stack.c:129 [] nmi_cpu_backtrace+0x3b0/0x3b2 lib/nmi_backtrace.c:113 [] nmi_trigger_cpumask_backtrace+0x2b6/0x458 lib/nmi_backtrace.c:62 [] arch_trigger_cpumask_backtrace+0x2c/0x3e arch/riscv/kernel/smp.c:347 [] trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] [] check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline] [] watchdog+0xcee/0x1170 kernel/hung_task.c:397 [] kthread+0x28c/0x3a4 kernel/kthread.c:389 [] ret_from_fork+0xe/0x18 arch/riscv/kernel/entry.S:326 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 13670 Comm: kworker/u9:8 Not tainted 6.13.0-rc2-syzkaller-g21f1b85c8912 #0 Hardware name: riscv-virtio,qemu (DT) Workqueue: events_unbound nsim_dev_trap_report_work epc : crng_make_state+0x300/0x706 drivers/char/random.c:393 ra : arch_local_irq_restore arch/riscv/include/asm/irqflags.h:51 [inline] ra : crng_make_state+0x2fc/0x706 drivers/char/random.c:393 epc : ffffffff81d66042 ra : ffffffff81d6603e sp : ff20000002a57820 gp : ffffffff899f4f80 tp : ff60000014f61a40 t0 : ff20000002a57780 t1 : 000000004f892b2e t2 : 000000004133ce2c s0 : ff20000002a578a0 s1 : 0000000000000000 a0 : 0000000000000007 a1 : 0000000000000000 a2 : 0000000000000002 a3 : ffffffff81d6603e a4 : 0000000000000000 a5 : ff60000014f62a40 a6 : 0000000000000003 a7 : 1fec0000029ec4bf s2 : ff6000005cdd0500 s3 : 0000000000000002 s4 : ffffffff90da1fc0 s5 : 0000000000000000 s6 : ff20000002a578e0 s7 : ff6000001e5a4000 s8 : ff6000005cdd04b0 s9 : 1fec00000b9ba09a s10: ff6000005cdd04d0 s11: ffffffff8887f7a0 t3 : 0000000000000052 t4 : ff20000002a57620 t5 : 000000004145ac91 t6 : ff6000001e5a4006 status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001 [] arch_local_irq_restore arch/riscv/include/asm/irqflags.h:51 [inline] [] crng_make_state+0x300/0x706 drivers/char/random.c:393 [] _get_random_bytes+0x142/0x228 drivers/char/random.c:406 [] get_random_bytes+0x20/0x2c drivers/char/random.c:438 [] eth_random_addr include/linux/etherdevice.h:238 [inline] [] nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:755 [inline] [] nsim_dev_trap_report drivers/net/netdevsim/dev.c:805 [inline] [] nsim_dev_trap_report_work+0x2fe/0xc96 drivers/net/netdevsim/dev.c:851 [] process_one_work+0x968/0x1f38 kernel/workqueue.c:3229 [] process_scheduled_works kernel/workqueue.c:3310 [inline] [] worker_thread+0x5be/0xdc6 kernel/workqueue.c:3391 [] kthread+0x28c/0x3a4 kernel/kthread.c:389 [] ret_from_fork+0xe/0x18 arch/riscv/kernel/entry.S:326