INFO: task syz-executor.1:7078 blocked for more than 430 seconds. Not tainted 6.9.0-rc1-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor.1 state:D stack:0 pid:7078 tgid:7076 ppid:3002 flags:0x00000005 Call trace: [<8189abc0>] (__schedule) from [<80281ddc>] (__schedule_loop kernel/sched/core.c:6823 [inline]) [<8189abc0>] (__schedule) from [<80281ddc>] (rt_mutex_schedule+0x20/0x38 kernel/sched/core.c:7115) r10:84680c00 r9:00000000 r8:00000002 r7:00000000 r6:df9eddf0 r5:84680000 r4:84680000 [<80281dbc>] (rt_mutex_schedule) from [<818a123c>] (rt_mutex_slowlock_block.constprop.0+0x38/0x160 kernel/locking/rtmutex.c:1636) r5:84680000 r4:82e16054 [<818a1204>] (rt_mutex_slowlock_block.constprop.0) from [<818a24c4>] (__rt_mutex_slowlock kernel/locking/rtmutex.c:1704 [inline]) [<818a1204>] (rt_mutex_slowlock_block.constprop.0) from [<818a24c4>] (__rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1740 [inline]) [<818a1204>] (rt_mutex_slowlock_block.constprop.0) from [<818a24c4>] (rt_mutex_slowlock.constprop.0+0xec/0x2cc kernel/locking/rtmutex.c:1778) r10:00000001 r9:60000013 r8:00000002 r7:df9eddf0 r6:84680000 r5:82e16054 r4:00000000 r3:df9eddf0 [<818a23d8>] (rt_mutex_slowlock.constprop.0) from [<818a2788>] (__rt_mutex_lock kernel/locking/rtmutex.c:1793 [inline]) [<818a23d8>] (rt_mutex_slowlock.constprop.0) from [<818a2788>] (__rt_mutex_lock_common kernel/locking/rtmutex_api.c:31 [inline]) [<818a23d8>] (rt_mutex_slowlock.constprop.0) from [<818a2788>] (rt_mutex_lock+0x44/0x48 kernel/locking/rtmutex_api.c:71) r9:853f9f80 r8:853f9f80 r7:853f9000 r6:853f9000 r5:00000001 r4:82e16040 [<818a2744>] (rt_mutex_lock) from [<80f72fdc>] (i2c_adapter_lock_bus+0x14/0x18 drivers/i2c/i2c-core-base.c:845) [<80f72fc8>] (i2c_adapter_lock_bus) from [<80f74b88>] (i2c_lock_bus include/linux/i2c.h:792 [inline]) [<80f72fc8>] (i2c_adapter_lock_bus) from [<80f74b88>] (__i2c_lock_bus_helper drivers/i2c/i2c-core.h:46 [inline]) [<80f72fc8>] (i2c_adapter_lock_bus) from [<80f74b88>] (i2c_transfer+0x54/0x140 drivers/i2c/i2c-core-base.c:2297) [<80f74b34>] (i2c_transfer) from [<80f79e28>] (i2cdev_ioctl_rdwr+0x1e8/0x224 drivers/i2c/i2c-dev.c:297) r6:00000001 r5:853f9000 r4:853f900c [<80f79c40>] (i2cdev_ioctl_rdwr) from [<80f7a84c>] (i2cdev_ioctl+0x2d4/0x390 drivers/i2c/i2c-dev.c:458) r10:843b7b40 r9:84680000 r8:00000003 r7:20000640 r6:00000707 r5:85549800 r4:20000640 [<80f7a578>] (i2cdev_ioctl) from [<8050fbdc>] (vfs_ioctl fs/ioctl.c:51 [inline]) [<80f7a578>] (i2cdev_ioctl) from [<8050fbdc>] (do_vfs_ioctl fs/ioctl.c:858 [inline]) [<80f7a578>] (i2cdev_ioctl) from [<8050fbdc>] (__do_sys_ioctl fs/ioctl.c:902 [inline]) [<80f7a578>] (i2cdev_ioctl) from [<8050fbdc>] (sys_ioctl+0x118/0xc24 fs/ioctl.c:890) r6:843b7b41 r5:00000000 r4:00000707 [<8050fac4>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xdf9edfa8 to 0xdf9edff0) dfa0: 00000000 00000000 00000003 00000707 20000640 00000000 dfc0: 00000000 00000000 0014c358 00000036 7ea3a32e 7ea3a32f 003d0f00 76ba90fc dfe0: 76ba8f08 76ba8ef8 000167f8 00050bc0 r10:00000036 r9:84680000 r8:80200288 r7:00000036 r6:0014c358 r5:00000000 r4:00000000 NMI backtrace for cpu 0 CPU: 0 PID: 31 Comm: khungtaskd Not tainted 6.9.0-rc1-syzkaller #0 Hardware name: ARM-Versatile Express Call trace: [<8187943c>] (dump_backtrace) from [<81879538>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:256) r7:00000000 r6:00000113 r5:60000193 r4:81fc474c [<81879520>] (show_stack) from [<81896cf0>] (__dump_stack lib/dump_stack.c:88 [inline]) [<81879520>] (show_stack) from [<81896cf0>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114) [<81896c80>] (dump_stack_lvl) from [<81896d14>] (dump_stack+0x18/0x1c lib/dump_stack.c:123) r5:00000000 r4:00000001 [<81896cfc>] (dump_stack) from [<81866814>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113) [<818666b4>] (nmi_cpu_backtrace) from [<81866960>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62) r7:00000000 r6:8260c590 r5:8261a88c r4:ffffffff [<81866830>] (nmi_trigger_cpumask_backtrace) from [<802105b4>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851) r9:8260c6f4 r8:0000c680 r7:8289dfe0 r6:00007f1f r5:844c0204 r4:84f25124 [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (trigger_all_cpu_backtrace include/linux/nmi.h:160 [inline]) [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline]) [<8021059c>] (arch_trigger_cpumask_backtrace) from [<8034eac8>] (watchdog+0x480/0x594 kernel/hung_task.c:380) [<8034e648>] (watchdog) from [<80270044>] (kthread+0x104/0x134 kernel/kthread.c:388) r10:00000000 r9:df819e58 r8:82e98440 r7:00000000 r6:8034e648 r5:82ee1800 r4:82f42100 [<8026ff40>] (kthread) from [<80200104>] (ret_from_fork+0x14/0x30 arch/arm/kernel/entry-common.S:134) Exception stack(0xdf8ddfb0 to 0xdf8ddff8) dfa0: 00000000 00000000 00000000 00000000 dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 dfe0: 00000000 00000000 00000000 00000000 00000013 00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ff40 r4:82f42100 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 2810 Comm: klogd Not tainted 6.9.0-rc1-syzkaller #0 Hardware name: ARM-Versatile Express PC is at check_pointer_msg lib/vsprintf.c:701 [inline] PC is at check_pointer lib/vsprintf.c:712 [inline] PC is at string+0x40/0x15c lib/vsprintf.c:725 LR is at 0xffffffff pc : [<8187163c>] lr : [] psr: a0000013 sp : ec461cb8 ip : ec461de6 fp : ec461cf4 r10: ffffffff r9 : ec461d14 r8 : 81fbb234 r7 : ec461d74 r6 : 00000003 r5 : ec461cc0 r4 : ec461cfc r3 : ec461d88 r2 : ffffffff r1 : ffff0a00 r0 : 00000604 Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 30c5387d Table: 841ce240 DAC: 00000000 Call trace: [<81871600>] (string) from [<818744c4>] (vsnprintf+0x17c/0x400 lib/vsprintf.c:2824) r6:00000003 r5:ec461de6 r4:81fbb231 [<81874348>] (vsnprintf) from [<81874824>] (sprintf+0x38/0x5c lib/vsprintf.c:3028) r10:00000011 r9:00000065 r8:ec461de5 r7:ec461dd4 r6:ec461e70 r5:000000bc r4:301ad4d8 [<818747ec>] (sprintf) from [<802bab2c>] (print_caller kernel/printk/printk.c:1341 [inline]) [<818747ec>] (sprintf) from [<802bab2c>] (info_print_prefix+0x94/0x188 kernel/printk/printk.c:1358) r3:8413c800 r2:ec461d88 r1:81fbb230 [<802baa98>] (info_print_prefix) from [<802bac94>] (record_print_text+0x74/0x17c kernel/printk/printk.c:1405) r10:00000000 r9:000007fe r8:00000001 r7:00000800 r6:851d4000 r5:00000001 r4:0000000c [<802bac20>] (record_print_text) from [<802bb9ec>] (syslog_print+0x2a0/0x36c kernel/printk/printk.c:1616) r10:8262a180 r9:76fa8140 r8:00000000 r7:000003ff r6:8285b180 r5:8285b2d0 r4:00000000 [<802bb74c>] (syslog_print) from [<802bbf84>] (do_syslog+0x16c/0x3a8 kernel/printk/printk.c:1734) r10:00000067 r9:8413c800 r8:76fa8140 r7:000003ff r6:00000000 r5:00000000 r4:00000002 [<802bbe18>] (do_syslog) from [<802bc1d4>] (__do_sys_syslog kernel/printk/printk.c:1826 [inline]) [<802bbe18>] (do_syslog) from [<802bc1d4>] (sys_syslog+0x14/0x18 kernel/printk/printk.c:1824) r9:8413c800 r8:80200288 r7:00000067 r6:00000000 r5:76fa84f4 r4:76fa8140 [<802bc1c0>] (sys_syslog) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66) Exception stack(0xec461fa8 to 0xec461ff0) 1fa0: 76fa8140 76fa84f4 00000002 76fa8140 000003ff 0000066c 1fc0: 76fa8140 76fa84f4 00000000 00000067 76fa8140 76fa794c 76fa8554 76f8a21a 1fe0: 76fa7cfc 7ed6eca4 76f1c9d0 76e3cf1c