INFO: task syz.3.1170:7647 blocked for more than 430 seconds.
      Tainted: G L syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.3.1170 state:D stack:0 pid:7647 tgid:7643 ppid:6136 task_flags:0x400140 flags:0x00000002
Call Trace:
 [] context_switch kernel/sched/core.c:5298 [inline]
 [] __schedule+0x18fa/0x4578 kernel/sched/core.c:6911
 [] __schedule_loop kernel/sched/core.c:6993 [inline]
 [] schedule+0xb4/0x334 kernel/sched/core.c:7008
 [] request_wait_answer+0x474/0x6a8 fs/fuse/dev.c:585
 [] __fuse_request_send fs/fuse/dev.c:599 [inline]
 [] __fuse_simple_request+0x3d4/0xcac fs/fuse/dev.c:693
 [] fuse_simple_request fs/fuse/fuse_i.h:1263 [inline]
 [] fuse_send_init+0x3a2/0x570 fs/fuse/inode.c:1554
 [] fuse_fill_super+0x202/0x268 fs/fuse/inode.c:1957
 [] vfs_get_super fs/super.c:1327 [inline]
 [] get_tree_nodev+0xd2/0x178 fs/super.c:1346
 [] fuse_get_tree+0x232/0x5ac fs/fuse/inode.c:2026
 [] vfs_get_tree+0x7e/0x314 fs/super.c:1754
 [] fc_mount+0x1c/0x1d8 fs/namespace.c:1193
 [] do_new_mount_fc fs/namespace.c:3763 [inline]
 [] do_new_mount fs/namespace.c:3839 [inline]
 [] path_mount+0x6ae/0x1d14 fs/namespace.c:4159
 [] do_mount fs/namespace.c:4172 [inline]
 [] __do_sys_mount fs/namespace.c:4361 [inline]
 [] __se_sys_mount fs/namespace.c:4338 [inline]
 [] __riscv_sys_mount+0x5c2/0x778 fs/namespace.c:4338
 [] syscall_handler+0x92/0x114 arch/riscv/include/asm/syscall.h:112
 [] do_trap_ecall_u+0x402/0x680 arch/riscv/kernel/traps.c:344
 [] handle_exception+0x15e/0x16a arch/riscv/kernel/entry.S:232

Showing all locks held in the system:
1 lock held by khungtaskd/33:
 #0: ffffffff887f4620 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2a/0x1a8 kernel/locking/lockdep.c:6771
1 lock held by syslogd/3008:
2 locks held by getty/3164:
 #0: ffffaf801dbcc0a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x48 drivers/tty/tty_ldsem.c:340
 #1: ffff8f800008e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x3be/0x1324 drivers/tty/n_tty.c:2211
2 locks held by syz-executor/3188:
5 locks held by syz-executor/3200:
3 locks held by kworker/u8:7/3759:
3 locks held by kworker/u8:5/5794:
3 locks held by kworker/1:2/7417:
1 lock held by syz.3.1170/7647:
 #0: ffffaf80300c20e0 (&type->s_umount_key#60/1){+.+.}-{4:4}, at: alloc_super+0x18a/0xb14 fs/super.c:345
3 locks held by kworker/u8:10/8014:
3 locks held by kworker/0:5/8066:
1 lock held by syz.4.1218/8091:
1 lock held by syz-executor/8093:

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 33 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
 [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:149
 [] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:155
 [] __dump_stack lib/dump_stack.c:94 [inline]
 [] dump_stack_lvl+0x114/0x1ac lib/dump_stack.c:120
 [] dump_stack+0x1c/0x28 lib/dump_stack.c:129
 [] nmi_cpu_backtrace+0x25e/0x3b0 lib/nmi_backtrace.c:113
 [] nmi_trigger_cpumask_backtrace+0x29e/0x460 lib/nmi_backtrace.c:62
 [] arch_trigger_cpumask_backtrace+0x2c/0x40 arch/riscv/kernel/smp.c:350
 [] trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
 [] __sys_info lib/sys_info.c:157 [inline]
 [] sys_info+0x20c/0x254 lib/sys_info.c:165
 [] check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
 [] watchdog+0xab2/0x127c kernel/hung_task.c:515
 [] kthread+0x31c/0x444 kernel/kthread.c:436
 [] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:228
 [] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 3188 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT
Tainted: [L]=SOFTLOCKUP
Hardware name: riscv-virtio,qemu (DT)
epc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:179 [inline]
epc : _raw_spin_unlock_irqrestore+0x36/0xc0 kernel/locking/spinlock.c:194
 ra : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:178 [inline]
 ra : _raw_spin_unlock_irqrestore+0x7c/0xc0 kernel/locking/spinlock.c:194
epc : ffffffff8645596a ra : ffffffff864559b0 sp : ffff8f8000007ba0
 gp : ffffffff8a229d40 tp : ffffaf801a5c4f80 t0 : ffff8f8000007c00
 t1 : ffffffff8007a85c t2 : ffffffff802754c4 s0 : ffff8f8000007bc0
 s1 : 0000000000000002 a0 : 0000000000000000 a1 : ffffffff88126298
 a2 : 0000000000000003 a3 : 0000000000000001 a4 : 0000000000001000
 a5 : 0000000000000000 a6 : 0000000000000000 a7 : 0000000041b58ab3
 s2 : ffffffff915912f0 s3 : ffff8f8000007c80 s4 : 0000000000000002
 s5 : ffffaf803566c540 s6 : 1ffff1f000000f7c s7 : ffffffff915912f0
 s8 : 0000000200000122 s9 : fffffffef144db94 s10: 0000000000000000
 s11: ffffaf803566c540 t3 : ffffffff87fb27e0 t4 : fffffffef22b225e
 t5 : fffffffef22b225f t6 : 0000000000000002 ssp : 0000000000000000
status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001
 [] arch_local_irq_restore arch/riscv/include/asm/irqflags.h:51 [inline]
 [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:178 [inline]
 [] _raw_spin_unlock_irqrestore+0x36/0xc0 kernel/locking/spinlock.c:194
 [] debug_object_deactivate+0x27c/0x2f0 lib/debugobjects.c:905
 [] debug_rcu_head_unqueue kernel/rcu/rcu.h:248 [inline]
 [] rcu_do_batch kernel/rcu/tree.c:2609 [inline]
 [] rcu_core+0x4e8/0x1314 kernel/rcu/tree.c:2869
 [] rcu_core_si+0xc/0x14 kernel/rcu/tree.c:2886
 [] handle_softirqs+0x454/0x13d4 kernel/softirq.c:622
 [] __do_softirq kernel/softirq.c:656 [inline]
 [] invoke_softirq kernel/softirq.c:496 [inline]
 [] __irq_exit_rcu+0x2de/0x534 kernel/softirq.c:723
 [] irq_exit_rcu+0x10/0xf4 kernel/softirq.c:739
 [] handle_riscv_irq+0x40/0x4c arch/riscv/kernel/traps.c:446
 [] call_on_irq_stack+0x32/0x40 arch/riscv/kernel/entry.S:396