INFO: task udevd:4427 blocked for more than 143 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:udevd state:D stack:24736 pid:4427 ppid:1 flags:0x00004000
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_dop_revalidate+0xf0/0x5b0 fs/kernfs/dir.c:1130
d_revalidate fs/namei.c:856 [inline]
d_revalidate fs/namei.c:853 [inline]
lookup_fast+0x22d/0x520 fs/namei.c:1646
walk_component+0x5e/0x5a0 fs/namei.c:1989
link_path_walk.part.0+0x730/0xdf0 fs/namei.c:2320
link_path_walk fs/namei.c:2244 [inline]
path_lookupat+0xb7/0x840 fs/namei.c:2473
filename_lookup+0x1d2/0x590 fs/namei.c:2503
vfs_statx+0x14c/0x430 fs/stat.c:232
vfs_fstatat+0x90/0xb0 fs/stat.c:270
__do_sys_newfstatat+0x94/0x120 fs/stat.c:440
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f9a50f251da
RSP: 002b:00007ffdd3deb518 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
RAX: ffffffffffffffda RBX: 0000561738b0ddd0 RCX: 00007f9a50f251da
RDX: 00007ffdd3deb528 RSI: 00007ffdd3deb9b8 RDI: 00000000ffffff9c
RBP: 00007ffdd3deb5b8 R08: 0000000000000000 R09: 0000561738dafc20
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdd3deb9b8
R13: 00007ffdd3deb528 R14: 0000561738ae4910 R15: 0000000000000000
INFO: task syz-executor.5:5090 blocked for more than 143 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.5 state:D stack:24080 pid:5090 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
do_inode_permission fs/namei.c:458 [inline]
inode_permission.part.0+0x3d6/0x670 fs/namei.c:525
inode_permission fs/namei.c:506 [inline]
may_lookup fs/namei.c:1715 [inline]
link_path_walk.part.0+0x81e/0xdf0 fs/namei.c:2262
link_path_walk fs/namei.c:2245 [inline]
path_openat+0x25c/0x2a50 fs/namei.c:3710
do_filp_open+0x1ba/0x410 fs/namei.c:3741
do_sys_openat2+0x16d/0x4c0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_openat fs/open.c:1342 [inline]
__se_sys_openat fs/open.c:1337 [inline]
__x64_sys_openat+0x143/0x1f0 fs/open.c:1337
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f27b548bc38
RSP: 002b:00007ffe0d3be5d0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00000000000006f8 RCX: 00007f27b548bc38
RDX: 0000000000090800 RSI: 00007f27b54e6bc8 RDI: 00000000ffffff9c
RBP: 00007ffe0d3be69c R08: 0000000000090800 R09: 00007f27b54e6bc8
R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000
R13: 0000000000125a13 R14: 000000000000000a R15: 00007ffe0d3be700
INFO: task syz-executor.2:5096 blocked for more than 144 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.2 state:D stack:23992 pid:5096 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
do_inode_permission fs/namei.c:458 [inline]
inode_permission.part.0+0x3d6/0x670 fs/namei.c:525
inode_permission fs/namei.c:506 [inline]
may_lookup fs/namei.c:1715 [inline]
link_path_walk.part.0+0x81e/0xdf0 fs/namei.c:2262
link_path_walk fs/namei.c:2245 [inline]
path_openat+0x25c/0x2a50 fs/namei.c:3710
do_filp_open+0x1ba/0x410 fs/namei.c:3741
do_sys_openat2+0x16d/0x4c0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_openat fs/open.c:1342 [inline]
__se_sys_openat fs/open.c:1337 [inline]
__x64_sys_openat+0x143/0x1f0 fs/open.c:1337
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f139188bc38
RSP: 002b:00007ffe444aac70 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 000000000000075b RCX: 00007f139188bc38
RDX: 0000000000090800 RSI: 00007f13918e6bc8 RDI: 00000000ffffff9c
RBP: 00007ffe444aad3c R08: 0000000000090800 R09: 00007f13918e6bc8
R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000
R13: 000000000012571c R14: 0000000000000005 R15: 00007ffe444aada0
INFO: task syz-executor.3:5098 blocked for more than 145 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3 state:D stack:24208 pid:5098 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
do_inode_permission fs/namei.c:458 [inline]
inode_permission.part.0+0x3d6/0x670 fs/namei.c:525
inode_permission fs/namei.c:506 [inline]
may_lookup fs/namei.c:1715 [inline]
link_path_walk.part.0+0x81e/0xdf0 fs/namei.c:2262
link_path_walk fs/namei.c:2245 [inline]
path_openat+0x25c/0x2a50 fs/namei.c:3710
do_filp_open+0x1ba/0x410 fs/namei.c:3741
do_sys_openat2+0x16d/0x4c0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_openat fs/open.c:1342 [inline]
__se_sys_openat fs/open.c:1337 [inline]
__x64_sys_openat+0x143/0x1f0 fs/open.c:1337
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fee8fe8bc38
RSP: 002b:00007fff96f467b0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00000000000006dc RCX: 00007fee8fe8bc38
RDX: 0000000000090800 RSI: 00007fee8fee6bc8 RDI: 00000000ffffff9c
RBP: 00007fff96f4687c R08: 0000000000090800 R09: 00007fee8fee6bc8
R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000
R13: 00000000001257b1 R14: 0000000000000004 R15: 00007fff96f468e0
INFO: task syz-executor.1:5104 blocked for more than 145 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.1 state:D stack:24168 pid:5104 ppid:1 flags:0x00000004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
do_inode_permission fs/namei.c:458 [inline]
inode_permission.part.0+0x3d6/0x670 fs/namei.c:525
inode_permission fs/namei.c:506 [inline]
may_lookup fs/namei.c:1715 [inline]
link_path_walk.part.0+0x81e/0xdf0 fs/namei.c:2262
link_path_walk fs/namei.c:2245 [inline]
path_openat+0x25c/0x2a50 fs/namei.c:3710
do_filp_open+0x1ba/0x410 fs/namei.c:3741
do_sys_openat2+0x16d/0x4c0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_openat fs/open.c:1342 [inline]
__se_sys_openat fs/open.c:1337 [inline]
__x64_sys_openat+0x143/0x1f0 fs/open.c:1337
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f856888bc38
RSP: 002b:00007ffc3356aed0 EFLAGS: 00000287 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000786 RCX: 00007f856888bc38
RDX: 0000000000090800 RSI: 00007f85688e6bc8 RDI: 00000000ffffff9c
RBP: 00007ffc3356af9c R08: 0000000000090800 R09: 00007f85688e6bc8
R10: 0000000000000000 R11: 0000000000000287 R12: 0000000000000000
R13: 00000000001256fc R14: 0000000000000005 R15: 00007ffc3356b000
INFO: task kworker/u4:6:5200 blocked for more than 146 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/u4:6 state:D stack:24136 pid:5200 ppid:2 flags:0x00004000
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_write_slowpath+0x600/0x12e0 kernel/locking/rwsem.c:1190
__down_write_common kernel/locking/rwsem.c:1305 [inline]
__down_write_common kernel/locking/rwsem.c:1302 [inline]
__down_write kernel/locking/rwsem.c:1314 [inline]
down_write+0x1e8/0x220 kernel/locking/rwsem.c:1563
kernfs_remove_by_name_ns+0x89/0x120 fs/kernfs/dir.c:1657
class_remove_file_ns+0x4e/0x60 drivers/base/class.c:105
bond_net_exit_batch+0x157/0xa10 drivers/net/bonding/bond_main.c:6354
ops_exit_list+0x125/0x170 net/core/net_namespace.c:174
cleanup_net+0x4ee/0xb10 net/core/net_namespace.c:606
process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289
worker_thread+0x669/0x1090 kernel/workqueue.c:2436
kthread+0x2e8/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
INFO: task syz-executor.5:17991 blocked for more than 146 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.5 state:D stack:27576 pid:17991 ppid:5090 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_read_slowpath+0x5a7/0xb20 kernel/locking/rwsem.c:1095
__down_read_common kernel/locking/rwsem.c:1260 [inline]
__down_read kernel/locking/rwsem.c:1269 [inline]
down_read+0xe6/0x450 kernel/locking/rwsem.c:1511
kernfs_find_and_get_ns+0x73/0xc0 fs/kernfs/dir.c:891
kernfs_find_and_get include/linux/kernfs.h:597 [inline]
sysfs_merge_group+0xbc/0x310 fs/sysfs/group.c:335
dpm_sysfs_add+0x245/0x290 drivers/base/power/sysfs.c:707
device_add+0xa86/0x1e90 drivers/base/core.c:3436
nfc_register_device+0x41/0x3b0 net/nfc/core.c:1118
nci_register_device+0x7cb/0xb50 net/nfc/nci/core.c:1257
virtual_ncidev_open+0x14f/0x230 drivers/nfc/virtual_ncidev.c:148
misc_open+0x37a/0x4a0 drivers/char/misc.c:165
chrdev_open+0x26a/0x770 fs/char_dev.c:414
do_dentry_open+0x6cc/0x13f0 fs/open.c:882
do_open fs/namei.c:3557 [inline]
path_openat+0x1bbc/0x2a50 fs/namei.c:3714
do_filp_open+0x1ba/0x410 fs/namei.c:3741
do_sys_openat2+0x16d/0x4c0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_openat fs/open.c:1342 [inline]
__se_sys_openat fs/open.c:1337 [inline]
__x64_sys_openat+0x143/0x1f0 fs/open.c:1337
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f27b548c0c9
RSP: 002b:00007f27b3ffe168 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f27b55abf80 RCX: 00007f27b548c0c9
RDX: 0000000000000002 RSI: 0000000020000e00 RDI: ffffffffffffff9c
RBP: 00007f27b54e7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe0d3be3df R14: 00007f27b3ffe300 R15: 0000000000022000
INFO: task syz-executor.3:18006 blocked for more than 147 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.3 state:D stack:27384 pid:18006 ppid:5098 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_write_slowpath+0x600/0x12e0 kernel/locking/rwsem.c:1190
__down_write_common kernel/locking/rwsem.c:1305 [inline]
__down_write_common kernel/locking/rwsem.c:1302 [inline]
__down_write kernel/locking/rwsem.c:1314 [inline]
down_write+0x1e8/0x220 kernel/locking/rwsem.c:1563
kernfs_add_one+0xa7/0x4f0 fs/kernfs/dir.c:754
kernfs_create_dir_ns+0x18f/0x230 fs/kernfs/dir.c:1042
internal_create_group+0x787/0xb10 fs/sysfs/group.c:136
loop_sysfs_init drivers/block/loop.c:746 [inline]
loop_configure+0xf33/0x19e0 drivers/block/loop.c:1097
lo_ioctl+0x936/0x1990 drivers/block/loop.c:1550
blkdev_ioctl+0x375/0x800 block/ioctl.c:616
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fee8fe8beb7
RSP: 002b:00007fee90b49f38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fee8fe8beb7
RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 0000000000000000 R09: 00000000000004a0
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fee90b49fdc R14: 00007fee90b49fe0 R15: 0000000020000a42
INFO: task syz-executor.4:18011 blocked for more than 147 seconds.
Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.4 state:D stack:27384 pid:18011 ppid:5097 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:5293 [inline]
__schedule+0xb8a/0x5450 kernel/sched/core.c:6606
schedule+0xde/0x1b0 kernel/sched/core.c:6682
rwsem_down_write_slowpath+0x600/0x12e0 kernel/locking/rwsem.c:1190
__down_write_common kernel/locking/rwsem.c:1305 [inline]
__down_write_common kernel/locking/rwsem.c:1302 [inline]
__down_write kernel/locking/rwsem.c:1314 [inline]
down_write+0x1e8/0x220 kernel/locking/rwsem.c:1563
kernfs_add_one+0xa7/0x4f0 fs/kernfs/dir.c:754
kernfs_create_dir_ns+0x18f/0x230 fs/kernfs/dir.c:1042
internal_create_group+0x787/0xb10 fs/sysfs/group.c:136
loop_sysfs_init drivers/block/loop.c:746 [inline]
loop_configure+0xf33/0x19e0 drivers/block/loop.c:1097
lo_ioctl+0x936/0x1990 drivers/block/loop.c:1550
blkdev_ioctl+0x375/0x800 block/ioctl.c:616
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__x64_sys_ioctl+0x197/0x210 fs/ioctl.c:856
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f8e71e8beb7
RSP: 002b:00007f8e72b5ef38 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8e71e8beb7
RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 0000000000000000 R09: 00000000000004a0
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f8e72b5efdc R14: 00007f8e72b5efe0 R15: 0000000020000a42
Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
#0: ffffffff8c790fb0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507
1 lock held by rcu_tasks_trace/13:
#0: ffffffff8c790cb0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 kernel/rcu/tasks.h:507
1 lock held by khungtaskd/28:
#0: ffffffff8c791b00 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x57/0x264 kernel/locking/lockdep.c:6494
1 lock held by udevd/4427:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_dop_revalidate+0xf0/0x5b0 fs/kernfs/dir.c:1130
2 locks held by getty/4742:
#0: ffff88802bcdb098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 drivers/tty/tty_ldisc.c:244
#1: ffffc900015902f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 drivers/tty/n_tty.c:2177
1 lock held by syz-executor.5/5090:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
1 lock held by syz-executor.2/5096:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
1 lock held by syz-executor.4/5097:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
1 lock held by syz-executor.3/5098:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
1 lock held by syz-executor.1/5104:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
4 locks held by kworker/u4:6/5200:
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
#0: ffff8880125df938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x86d/0x1710 kernel/workqueue.c:2260
#1: ffffc900047cfda8 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1710 kernel/workqueue.c:2264
#2: ffffffff8e0aa310 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9f/0xb10 net/core/net_namespace.c:568
#3: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_remove_by_name_ns+0x89/0x120 fs/kernfs/dir.c:1657
2 locks held by kworker/u4:16/5321:
1 lock held by syz-executor.0/10967:
#0: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_iop_permission+0xbc/0x120 fs/kernfs/inode.c:288
3 locks held by syz-executor.5/17991:
#0: ffffffff8d243408 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x63/0x4a0 drivers/char/misc.c:129
#1: ffffffff8e543548 (nfc_devlist_mutex){+.+.}-{3:3}, at: nfc_register_device+0x32/0x3b0 net/nfc/core.c:1116
#2: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_find_and_get_ns+0x73/0xc0 fs/kernfs/dir.c:891
3 locks held by syz-executor.1/17994:
#0: ffff8880227640e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x22e/0xb60 fs/super.c:228
#1: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_activate fs/kernfs/dir.c:1374 [inline]
#1: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0x372/0x4f0 fs/kernfs/dir.c:792
#2: ffff888012473908 (&sem->wait_lock){....}-{2:2}, at: rwsem_down_write_slowpath+0x657/0x12e0 kernel/locking/rwsem.c:1194
2 locks held by syz-executor.2/17999:
2 locks held by syz-executor.3/18006:
#0: ffff888145ca7368 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_global_lock_killable drivers/block/loop.c:120 [inline]
#0: ffff888145ca7368 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_configure+0x2f7/0x19e0 drivers/block/loop.c:1026
#1: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0xa7/0x4f0 fs/kernfs/dir.c:754
2 locks held by syz-executor.4/18011:
#0: ffff88801e533b68 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_global_lock_killable drivers/block/loop.c:120 [inline]
#0: ffff88801e533b68 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_configure+0x2f7/0x19e0 drivers/block/loop.c:1026
#1: ffff888012473948 (&root->kernfs_rwsem){++++}-{3:3}, at: kernfs_add_one+0xa7/0x4f0 fs/kernfs/dir.c:754
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106
nmi_cpu_backtrace.cold+0x24/0x18a lib/nmi_backtrace.c:111
nmi_trigger_cpumask_backtrace+0x333/0x3c0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:220 [inline]
watchdog+0xc75/0xfc0 kernel/hung_task.c:377
kthread+0x2e8/0x3a0 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 17994 Comm: syz-executor.1 Not tainted 6.2.0-rc5-syzkaller-00047-g7c46948a6e9c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
RIP: 0010:in_lock_functions+0x0/0x20 kernel/locking/spinlock.c:408
Code: ff ff 48 c7 c7 00 17 f7 8f e8 6c 1a 6b 00 eb 80 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa c3 66 2e 0f 1f 84 00 00 00 00 00 90 0f 1e fa 31 c0 48 81 ff 70 bd 09 8a 72 0c 31 c0 48 81 ff 29 e6
RSP: 0018:ffffc9000332f558 EFLAGS: 00000046
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 1ffffffff2381340
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffff8880124738f0 R08: 0000000000000000 R09: ffff8880124738e7
R10: ffffed100248e71c R11: 0000000000000000 R12: 0000000000000001
R13: ffff8880591057c0 R14: 0000000000000004 R15: ffff8880124738f0
FS: 00007f85696a2700(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f933672d718 CR3: 000000004f3fd000 CR4: 0000000000350ee0
Call Trace:
get_lock_parent_ip include/linux/ftrace.h:980 [inline]
preempt_latency_start kernel/sched/core.c:5737 [inline]
preempt_latency_start kernel/sched/core.c:5734 [inline]
preempt_count_add+0xba/0x140 kernel/sched/core.c:5762
__raw_spin_lock_irq include/linux/spinlock_api_smp.h:118 [inline]
_raw_spin_lock_irq+0x1a/0x50 kernel/locking/spinlock.c:170
rwsem_down_write_slowpath+0x657/0x12e0 kernel/locking/rwsem.c:1194
__down_write_common kernel/locking/rwsem.c:1305 [inline]
__down_write_common kernel/locking/rwsem.c:1302 [inline]
__down_write kernel/locking/rwsem.c:1314 [inline]
down_write+0x1e8/0x220 kernel/locking/rwsem.c:1563
kernfs_activate fs/kernfs/dir.c:1374 [inline]
kernfs_add_one+0x372/0x4f0 fs/kernfs/dir.c:792
__kernfs_create_file+0x2a0/0x350 fs/kernfs/file.c:1076
sysfs_add_file_mode_ns+0x213/0x3f0 fs/sysfs/file.c:294
create_files fs/sysfs/group.c:64 [inline]
internal_create_group+0x322/0xb10 fs/sysfs/group.c:148
internal_create_groups.part.0+0x90/0x140 fs/sysfs/group.c:188
internal_create_groups fs/sysfs/group.c:184 [inline]
sysfs_create_groups+0x29/0x50 fs/sysfs/group.c:214
create_dir lib/kobject.c:68 [inline]
kobject_add_internal+0x318/0x8f0 lib/kobject.c:223
kobject_add_varg lib/kobject.c:358 [inline]
kobject_init_and_add+0x105/0x160 lib/kobject.c:441
ext4_register_sysfs+0xb9/0x360 fs/ext4/sysfs.c:526
__ext4_fill_super fs/ext4/super.c:5491 [inline]
ext4_fill_super+0x9ce0/0xb220 fs/ext4/super.c:5644
get_tree_bdev+0x444/0x760 fs/super.c:1282
vfs_get_tree+0x8d/0x2f0 fs/super.c:1489
do_new_mount fs/namespace.c:3145 [inline]
path_mount+0x132a/0x1e20 fs/namespace.c:3475
do_mount fs/namespace.c:3488 [inline]
__do_sys_mount fs/namespace.c:3697 [inline]
__se_sys_mount fs/namespace.c:3674 [inline]
__x64_sys_mount+0x283/0x300 fs/namespace.c:3674
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f856888d5fa
Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f85696a1f88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00000000000004a6 RCX: 00007f856888d5fa
RDX: 00000000200004c0 RSI: 0000000020000500 RDI: 00007f85696a1fe0
RBP: 00007f85696a2020 R08: 00007f85696a2020 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 00000000200004c0
R13: 0000000020000500 R14: 00007f85696a1fe0 R15: 0000000020000240