INFO: task syz.1.29:3951 blocked for more than 430 seconds. Tainted: G W syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.1.29 state:D stack:0 pid:3951 tgid:3947 ppid:3259 task_flags:0x400140 flags:0x00000002 Call Trace: [] context_switch kernel/sched/core.c:5388 [inline] [] __schedule+0x1cfe/0x4d9c kernel/sched/core.c:7189 [] __schedule_loop kernel/sched/core.c:7268 [inline] [] schedule+0xb4/0x32c kernel/sched/core.c:7283 [] fuse_wait_aborted+0x17c/0x22c fs/fuse/dev.c:2535 [] fuse_conn_destroy+0x82/0x248 fs/fuse/inode.c:2120 [] fuse_sb_destroy fs/fuse/inode.c:2139 [inline] [] fuse_kill_sb_anon+0x238/0x2c8 fs/fuse/inode.c:2152 [] deactivate_locked_super+0xd8/0x198 fs/super.c:476 [] vfs_get_super fs/super.c:1338 [inline] [] get_tree_nodev+0x144/0x178 fs/super.c:1346 [] fuse_get_tree+0x34c/0x418 fs/fuse/inode.c:2055 [] vfs_get_tree+0x7e/0x314 fs/super.c:1754 [] fc_mount+0x1c/0x1d8 fs/namespace.c:1193 [] do_new_mount_fc fs/namespace.c:3758 [inline] [] do_new_mount fs/namespace.c:3834 [inline] [] path_mount+0x6ae/0x1d14 fs/namespace.c:4154 [] do_mount fs/namespace.c:4167 [inline] [] __do_sys_mount fs/namespace.c:4383 [inline] [] __se_sys_mount fs/namespace.c:4360 [inline] [] __riscv_sys_mount+0x5c2/0x778 fs/namespace.c:4360 [] syscall_handler+0x92/0x114 arch/riscv/include/asm/syscall.h:112 [] do_trap_ecall_u+0x3e4/0x638 arch/riscv/kernel/traps.c:342 [] handle_exception+0x168/0x174 arch/riscv/kernel/entry.S:232 Showing all locks held in the system: 2 locks held by kworker/0:1/10: 3 locks held by kworker/u8:2/27: 1 lock held by khungtaskd/32: #0: ffffffff887efca0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:836 [inline] #0: ffffffff887efca0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3e/0x1a0 kernel/locking/lockdep.c:6775 2 locks held by getty/3199: #0: ffffaf801e4620a0 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3a/0x48 drivers/tty/tty_ldsem.c:340 #1: ffff8f800008e2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x3be/0x1310 drivers/tty/n_tty.c:2211 1 lock held by sshd/3244: 1 lock held by syz-executor/3258: 4 locks held by kworker/u8:3/3339: 1 lock held by syz.1.29/3951: #0: ffffaf8031ea00d8 (&type->s_umount_key#52/1){+.+.}-{4:4}, at: alloc_super+0x206/0xc18 fs/super.c:345 3 locks held by kworker/u8:8/4058: ============================================= NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Tainted: G W syzkaller #0 PREEMPT Tainted: [W]=WARN Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:149 [] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:155 [] __dump_stack lib/dump_stack.c:94 [inline] [] dump_stack_lvl+0x114/0x1ac lib/dump_stack.c:120 [] dump_stack+0x1c/0x28 lib/dump_stack.c:129 [] nmi_cpu_backtrace+0x25e/0x3b0 lib/nmi_backtrace.c:113 [] nmi_trigger_cpumask_backtrace+0x29e/0x460 lib/nmi_backtrace.c:62 [] arch_trigger_cpumask_backtrace+0x2c/0x40 arch/riscv/kernel/smp.c:350 [] trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] [] __sys_info lib/sys_info.c:157 [inline] [] sys_info+0x20c/0x254 lib/sys_info.c:165 [] check_hung_uninterruptible_tasks kernel/hung_task.c:353 [inline] [] watchdog+0xa24/0x12c4 kernel/hung_task.c:561 [] kthread+0x310/0x438 kernel/kthread.c:436 [] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:230 [] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 16 Comm: rcu_preempt Tainted: G W syzkaller #0 PREEMPT Tainted: [W]=WARN Hardware name: riscv-virtio,qemu (DT) epc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:179 [inline] epc : _raw_spin_unlock_irqrestore+0x36/0xc0 kernel/locking/spinlock.c:198 ra : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:178 [inline] ra : _raw_spin_unlock_irqrestore+0x7c/0xc0 kernel/locking/spinlock.c:198 epc : ffffffff86490d06 ra : ffffffff86490d4c sp : ffff8f8000117bd0 gp : ffffffff8a273a00 tp : ffffaf8013280000 t0 : ffffaf8072c872d0 t1 : ffffffff8007bcb0 t2 : ffffaf8072c876a8 s0 : ffff8f8000117bf0 s1 : 0000000000000002 a0 : 0000000000000001 a1 : ffffffff881e5e80 a2 : 0000000000000002 a3 : 0000000000000001 a4 : 0000000000001000 a5 : 0000000000000000 a6 : 0000000000000003 a7 : 0000000041b58ab3 s2 : ffffffff888023d8 s3 : 0000000000000000 s4 : 0000000000000402 s5 : ffffffff802b1778 s6 : ffff8f8000117c88 s7 : ffffffff88611240 s8 : ffffffff88802e80 s9 : ffff8f8000117ce0 s10: ffff8f8000117c88 s11: 0000000000000000 t3 : ffffffff8806ef90 t4 : fffffffef110047b t5 : fffffffef110047c t6 : 0000000000000002 ssp : 0000000000000000 status: 0000000200000120 badaddr: 0000000000000000 cause: 8000000000000001 [] arch_local_irq_restore arch/riscv/include/asm/irqflags.h:51 [inline] [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:178 [inline] [] _raw_spin_unlock_irqrestore+0x36/0xc0 kernel/locking/spinlock.c:198 [] prepare_to_swait_event+0xe6/0x394 kernel/sched/swait.c:120 [] rcu_gp_kthread+0x168/0x1cc kernel/rcu/tree.c:2281 [] kthread+0x310/0x438 kernel/kthread.c:436 [] ret_from_fork_kernel+0x94/0xef8 arch/riscv/kernel/process.c:230 [] ret_from_fork_kernel_asm+0x16/0x18 arch/riscv/kernel/entry.S:363