Extracting prog: 6m26.249321396s
Minimizing prog: 30m54.249785748s
Simplifying prog options: 0s
Extracting C: 3m7.627789689s
Simplifying C: 1h7m40.700622261s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

program crashed: INFO: task hung in bfs_lookup
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-mkdirat$cgroup_root
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat-mkdirat$cgroup_root
detailed listing:
executing program 0:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
detailed listing:
executing program 0:
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES8, @ANYRES16, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64=0x0], 0xf, 0xb8, &(0x7f0000000200)="$eJzs1zFKxUAQBuBJQkQ9geAJ0lh5AY8idmojVorgFTyFnVfxCOktLNKKOLLJFu+Vr3mBx/fBDvwzLAxstZ8/H+dvQ0S+RuRw9vCVmafvOWuenu+u7x/nGhtug0PRRsRJPeXNS/6+WmZNnY/Ty804dXPvsq8XSzzq1lscAADYWRsX2/kva+N3+QRmRF9KdbzvBQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW9h8AAP//8Dksog==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$bfs-openat-mkdirat$cgroup_root
program crashed: INFO: task hung in bfs_lookup
reproducing took 1h48m8.827580254s
repro crashed as (corrupted=false):
INFO: task syz-executor185:4296 blocked for more than 143 seconds.
      Not tainted 6.1.129-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor185 state:D stack:0     pid:4296  ppid:4292   flags:0x0000000d
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5243 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6560
 schedule+0xc4/0x170 kernel/sched/core.c:6636
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6695
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 bfs_lookup+0x11c/0x228 fs/bfs/dir.c:136
 __lookup_slow+0x250/0x374 fs/namei.c:1690
 lookup_slow+0x60/0x84 fs/namei.c:1707
 walk_component fs/namei.c:1998 [inline]
 link_path_walk+0x830/0xcc8 fs/namei.c:2325
 path_parentat fs/namei.c:2526 [inline]
 __filename_parentat+0x1e4/0x5d0 fs/namei.c:2550
 filename_parentat fs/namei.c:2568 [inline]
 filename_create+0xf0/0x468 fs/namei.c:3857
 do_mkdirat+0xac/0x510 fs/namei.c:4121
 __do_sys_mkdirat fs/namei.c:4146 [inline]
 __se_sys_mkdirat fs/namei.c:4144 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4144
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffff800015cc79b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by rcu_tasks_trace/13:
 #0: ffff800015cc81b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by khungtaskd/28:
 #0: ffff800015cc77e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:349
2 locks held by getty/4054:
 #0: ffff0000d5f76098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80001d8f02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 drivers/tty/n_tty.c:2198
3 locks held by syz-executor185/4294:
2 locks held by syz-executor185/4296:
 #0: ffff0000e1b4c168 (&type->i_mutex_dir_key#8){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:768 [inline]
 #0: ffff0000e1b4c168 (&type->i_mutex_dir_key#8){.+.+}-{3:3}, at: lookup_slow+0x50/0x84 fs/namei.c:1706
 #1: ffff0000c316d8d8 (&info->bfs_lock){+.+.}-{3:3}, at: bfs_lookup+0x11c/0x228 fs/bfs/dir.c:136

=============================================


final repro crashed as (corrupted=false):
INFO: task syz-executor185:4296 blocked for more than 143 seconds.
      Not tainted 6.1.129-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor185 state:D stack:0     pid:4296  ppid:4292   flags:0x0000000d
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5243 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6560
 schedule+0xc4/0x170 kernel/sched/core.c:6636
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6695
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 bfs_lookup+0x11c/0x228 fs/bfs/dir.c:136
 __lookup_slow+0x250/0x374 fs/namei.c:1690
 lookup_slow+0x60/0x84 fs/namei.c:1707
 walk_component fs/namei.c:1998 [inline]
 link_path_walk+0x830/0xcc8 fs/namei.c:2325
 path_parentat fs/namei.c:2526 [inline]
 __filename_parentat+0x1e4/0x5d0 fs/namei.c:2550
 filename_parentat fs/namei.c:2568 [inline]
 filename_create+0xf0/0x468 fs/namei.c:3857
 do_mkdirat+0xac/0x510 fs/namei.c:4121
 __do_sys_mkdirat fs/namei.c:4146 [inline]
 __se_sys_mkdirat fs/namei.c:4144 [inline]
 __arm64_sys_mkdirat+0x90/0xa8 fs/namei.c:4144
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffff800015cc79b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by rcu_tasks_trace/13:
 #0: ffff800015cc81b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:517
1 lock held by khungtaskd/28:
 #0: ffff800015cc77e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:349
2 locks held by getty/4054:
 #0: ffff0000d5f76098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80001d8f02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 drivers/tty/n_tty.c:2198
3 locks held by syz-executor185/4294:
2 locks held by syz-executor185/4296:
 #0: ffff0000e1b4c168 (&type->i_mutex_dir_key#8){.+.+}-{3:3}, at: inode_lock_shared include/linux/fs.h:768 [inline]
 #0: ffff0000e1b4c168 (&type->i_mutex_dir_key#8){.+.+}-{3:3}, at: lookup_slow+0x50/0x84 fs/namei.c:1706
 #1: ffff0000c316d8d8 (&info->bfs_lock){+.+.}-{3:3}, at: bfs_lookup+0x11c/0x228 fs/bfs/dir.c:136

=============================================