INFO: task syz.0.1522:18119 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1522 state:D stack:26688 pid:18119 tgid:18112 ppid:17199 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5298 [inline]
__schedule+0x1553/0x5240 kernel/sched/core.c:6911
__schedule_loop kernel/sched/core.c:6993 [inline]
rt_mutex_schedule+0x76/0xf0 kernel/sched/core.c:7289
rt_mutex_slowlock_block kernel/locking/rtmutex.c:1647 [inline]
__rt_mutex_slowlock kernel/locking/rtmutex.c:1721 [inline]
__rt_mutex_slowlock_locked+0x1f8f/0x25c0 kernel/locking/rtmutex.c:1760
rt_mutex_slowlock+0xbd/0x170 kernel/locking/rtmutex.c:1800
__rt_mutex_lock kernel/locking/rtmutex.c:1815 [inline]
rwbase_write_lock+0x14d/0x730 kernel/locking/rwbase_rt.c:244
inode_lock include/linux/fs.h:1028 [inline]
process_measurement+0x457/0x1c90 security/integrity/ima/ima_main.c:282
ima_file_check+0xe1/0x130 security/integrity/ima/ima_main.c:667
security_file_post_open+0xb3/0x260 security/security.c:2653
do_open fs/namei.c:4679 [inline]
path_openat+0x2e88/0x38a0 fs/namei.c:4836
do_file_open+0x23e/0x4a0 fs/namei.c:4865
do_sys_openat2+0x113/0x200 fs/open.c:1366
do_sys_open fs/open.c:1372 [inline]
__do_sys_open fs/open.c:1380 [inline]
__se_sys_open fs/open.c:1376 [inline]
__x64_sys_open+0x11e/0x150 fs/open.c:1376
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f33fa0fc819
RSP: 002b:00007f33f830c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00007f33fa376180 RCX: 00007f33fa0fc819
RDX: 00000000000000dc RSI: 000000000004a07e RDI: 0000200000000200
RBP: 00007f33fa192c91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f33fa376218 R14: 00007f33fa376180 R15: 00007fff933c2a98
INFO: task syz.0.1522:18122 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.1522 state:D stack:27576 pid:18122 tgid:18112 ppid:17199 task_flags:0x400140 flags:0x00080002
Call Trace:
context_switch kernel/sched/core.c:5298 [inline]
__schedule+0x1553/0x5240 kernel/sched/core.c:6911
__schedule_loop kernel/sched/core.c:6993 [inline]
rt_mutex_schedule+0x76/0xf0 kernel/sched/core.c:7289
rt_mutex_slowlock_block kernel/locking/rtmutex.c:1647 [inline]
__rt_mutex_slowlock kernel/locking/rtmutex.c:1721 [inline]
__rt_mutex_slowlock_locked+0x1f8f/0x25c0 kernel/locking/rtmutex.c:1760
rt_mutex_slowlock+0xbd/0x170 kernel/locking/rtmutex.c:1800
__rt_mutex_lock kernel/locking/rtmutex.c:1815 [inline]
rwbase_write_lock+0x14d/0x730 kernel/locking/rwbase_rt.c:244
inode_lock include/linux/fs.h:1028 [inline]
process_measurement+0x457/0x1c90 security/integrity/ima/ima_main.c:282
ima_file_check+0xe1/0x130 security/integrity/ima/ima_main.c:667
security_file_post_open+0xb3/0x260 security/security.c:2653
do_open fs/namei.c:4679 [inline]
path_openat+0x2e88/0x38a0 fs/namei.c:4836
do_file_open+0x23e/0x4a0 fs/namei.c:4865
do_sys_openat2+0x113/0x200 fs/open.c:1366
do_sys_open fs/open.c:1372 [inline]
__do_sys_openat fs/open.c:1388 [inline]
__se_sys_openat fs/open.c:1383 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1383
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f33fa0fc819
RSP: 002b:00007f33f7ee9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f33fa376270 RCX: 00007f33fa0fc819
RDX: 0000000000000441 RSI: 00002000000000c0 RDI: ffffffffffffff9c
RBP: 00007f33fa192c91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000108 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f33fa376308 R14: 00007f33fa376270 R15: 00007fff933c2a98
Showing all locks held in the system:
1 lock held by kauditd/37:
1 lock held by khungtaskd/38:
#0: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#0: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#0: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
1 lock held by udevd/5162:
#0: ffffffff8de20e38 (kauditd_wait.lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock_rt.h:45 [inline]
#0: ffffffff8de20e38 (kauditd_wait.lock){+.+.}-{3:3}, at: __wake_up_common_lock+0x2f/0x1e0 kernel/sched/wait.c:124
2 locks held by getty/5552:
#0: ffff88802be850a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0 drivers/tty/n_tty.c:2211
2 locks held by kworker/u8:1/15499:
2 locks held by syz-executor/17282:
3 locks held by syz.0.1522/18113:
1 lock held by syz.0.1522/18119:
#0: ffff88805f97efc0 (&sb->s_type->i_mutex_key#36){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88805f97efc0 (&sb->s_type->i_mutex_key#36){+.+.}-{4:4}, at: process_measurement+0x457/0x1c90 security/integrity/ima/ima_main.c:282
1 lock held by syz.0.1522/18122:
#0: ffff88805f97efc0 (&sb->s_type->i_mutex_key#36){+.+.}-{4:4}, at: inode_lock include/linux/fs.h:1028 [inline]
#0: ffff88805f97efc0 (&sb->s_type->i_mutex_key#36){+.+.}-{4:4}, at: process_measurement+0x457/0x1c90 security/integrity/ima/ima_main.c:282
10 locks held by syz-executor/18662:
1 lock held by syz-executor/18713:
#0: ffff88802e2c00d0 (&type->s_umount_key#56){++++}-{4:4}, at: __super_lock fs/super.c:58 [inline]
#0: ffff88802e2c00d0 (&type->s_umount_key#56){++++}-{4:4}, at: __super_lock_excl fs/super.c:73 [inline]
#0: ffff88802e2c00d0 (&type->s_umount_key#56){++++}-{4:4}, at: deactivate_super+0xa9/0xe0 fs/super.c:508
1 lock held by udevd/18891:
1 lock held by syz.5.1619/19111:
8 locks held by syz.4.1621/19128:
#0: ffff8880725840d0 (&type->s_umount_key#28/1){+.+.}-{4:4}, at: alloc_super+0x28c/0xac0 fs/super.c:345
#1: ffff88805fb62898 (&dquot->dq_lock){+.+.}-{4:4}, at: dquot_acquire+0x67/0x620 fs/quota/dquot.c:461
#2: ffff8880725841e8 (&s->s_dquot.dqio_sem){++++}-{4:4}, at: v2_write_dquot+0xab/0x260 fs/quota/quota_v2.c:367
#3: ffff88803d3226b0 (&ei->i_data_sem/2){++++}-{4:4}, at: ext4_map_blocks+0x7b5/0x11d0 fs/ext4/inode.c:818
#4: ffffe8ffffc8c1d0 (&lg->lg_mutex){+.+.}-{4:4}, at: ext4_mb_group_or_file fs/ext4/mballoc.c:5885 [inline]
#4: ffffe8ffffc8c1d0 (&lg->lg_mutex){+.+.}-{4:4}, at: ext4_mb_initialize_context+0x8cf/0xc90 fs/ext4/mballoc.c:5929
#5: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#5: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#5: ffffffff8ddcb9c0 (rcu_read_lock){....}-{1:3}, at: __queue_work+0x1d1/0xff0 kernel/workqueue.c:2274
#6: ffff8880b883b260 (&pool->lock){-...}-{2:2}, at: __queue_work+0x7f0/0xff0 kernel/workqueue.c:2311
#7: ffff88801c6fa970 (&p->pi_lock){-...}-{2:2}, at: class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:570 [inline]
#7: ffff88801c6fa970 (&p->pi_lock){-...}-{2:2}, at: try_to_wake_up+0x66/0x1380 kernel/sched/core.c:4130
1 lock held by dhcpcd-run-hook/19127:
=============================================
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x135/0x170 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xfd9/0x1030 kernel/hung_task.c:515
kthread+0x388/0x470 kernel/kthread.c:436
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 19128 Comm: syz.4.1621 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:__bfs_next kernel/locking/lockdep.c:1699 [inline]
RIP: 0010:__bfs kernel/locking/lockdep.c:1752 [inline]
RIP: 0010:__bfs_backwards kernel/locking/lockdep.c:1860 [inline]
RIP: 0010:check_irq_usage kernel/locking/lockdep.c:2796 [inline]
RIP: 0010:check_prev_add kernel/locking/lockdep.c:3169 [inline]
RIP: 0010:check_prevs_add kernel/locking/lockdep.c:3284 [inline]
RIP: 0010:validate_chain kernel/locking/lockdep.c:3908 [inline]
RIP: 0010:__lock_acquire+0x17af/0x2cf0 kernel/locking/lockdep.c:5237
Code: 48 89 05 a4 16 b7 13 48 8d 84 24 90 00 00 00 48 89 05 95 96 b6 13 31 ff 45 31 e4 4d 85 e4 4c 8b 6c 24 10 74 30 49 8b 44 24 30 <48> 85 c0 74 26 48 8b 40 10 48 83 c0 30 49 8b 0c 24 48 89 8c 24 d8
RSP: 0000:ffffc900051bd648 EFLAGS: 00000086
RAX: ffffffff95e3ba48 RBX: 00000000000003cd RCX: 000000000011bcd5
RDX: ffffffff95e2e0d8 RSI: ffff8880284aab78 RDI: 00000000000003cd
RBP: 9a94d38b82bf05f9 R08: ffffc900051bd610 R09: 0000000000000020
R10: dffffc0000000000 R11: ffffffff81a0a510 R12: ffffffff9613fcd8
R13: ffff8880284aab78 R14: ffff8880284a9e80 R15: 0000000000000098
FS: 00007fa1206866c0(0000) GS:ffff888126336000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fca66e21000 CR3: 000000007e51e000 CR4: 00000000003526f0
Call Trace:
lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
_raw_spin_lock_nested+0x32/0x50 kernel/locking/spinlock.c:378
raw_spin_rq_lock_nested+0x31/0x150 kernel/sched/core.c:647
raw_spin_rq_lock kernel/sched/sched.h:1615 [inline]
rq_lock kernel/sched/sched.h:1946 [inline]
ttwu_queue kernel/sched/core.c:3916 [inline]
try_to_wake_up+0x638/0x1380 kernel/sched/core.c:4242
kick_pool+0x47d/0x640 kernel/workqueue.c:1298
__queue_work+0xcd3/0xff0 kernel/workqueue.c:2355
mod_delayed_work_on+0xaf/0x190 kernel/workqueue.c:2610
kblockd_mod_delayed_work_on+0x29/0x40 block/blk-core.c:1125
blk_mq_dispatch_list+0xd1f/0xe20 include/linux/spinlock_rt.h:-1
blk_mq_flush_plug_list+0x48d/0x570 block/blk-mq.c:2997
__blk_flush_plug+0x3ed/0x4d0 block/blk-core.c:1230
blk_flush_plug include/linux/blkdev.h:1205 [inline]
io_schedule_prepare kernel/sched/core.c:7804 [inline]
io_schedule+0x78/0xe0 kernel/sched/core.c:7834
bit_wait_io+0x11/0xd0 kernel/sched/wait_bit.c:250
__wait_on_bit+0xb9/0x300 kernel/sched/wait_bit.c:52
out_of_line_wait_on_bit+0x13b/0x190 kernel/sched/wait_bit.c:67
wait_on_buffer include/linux/buffer_head.h:420 [inline]
ext4_commit_super+0x330/0x430 fs/ext4/super.c:6317
ext4_handle_error+0x65e/0x950 fs/ext4/super.c:719
__ext4_error+0x24d/0x360 fs/ext4/super.c:831
ext4_read_block_bitmap_nowait+0x2a3/0x9d0 fs/ext4/balloc.c:482
ext4_mb_prefetch+0x21c/0x3a0 fs/ext4/mballoc.c:2878
ext4_mb_might_prefetch fs/ext4/mballoc.c:2918 [inline]
ext4_mb_scan_group+0x2d7/0x18a0 fs/ext4/mballoc.c:2963
ext4_mb_scan_groups_linear+0xe8/0x360 fs/ext4/mballoc.c:1176
ext4_mb_scan_groups fs/ext4/mballoc.c:1208 [inline]
ext4_mb_regular_allocator+0x8ab/0x2c10 fs/ext4/mballoc.c:3062
ext4_mb_new_blocks+0xd42/0x4790 fs/ext4/mballoc.c:6316
ext4_ext_map_blocks+0x1521/0x5930 fs/ext4/extents.c:4461
ext4_map_create_blocks+0x11d/0x540 fs/ext4/inode.c:626
ext4_map_blocks+0x7cd/0x11d0 fs/ext4/inode.c:819
ext4_getblk+0x1ca/0x780 fs/ext4/inode.c:987
ext4_bread+0x2a/0x180 fs/ext4/inode.c:1050
ext4_quota_write+0x239/0x580 fs/ext4/super.c:7390
write_blk fs/quota/quota_tree.c:70 [inline]
get_free_dqblk+0x368/0x720 fs/quota/quota_tree.c:136
do_insert_tree+0x256/0x11d0 fs/quota/quota_tree.c:347
do_insert_tree+0x9d7/0x11d0 fs/quota/quota_tree.c:402
do_insert_tree+0x9b2/0x11d0 fs/quota/quota_tree.c:402
do_insert_tree+0x9b2/0x11d0 fs/quota/quota_tree.c:402
dq_insert_tree fs/quota/quota_tree.c:432 [inline]
qtree_write_dquot+0x4b1/0x5e0 fs/quota/quota_tree.c:451
v2_write_dquot+0x183/0x260 fs/quota/quota_v2.c:372
dquot_acquire+0x328/0x620 fs/quota/dquot.c:473
ext4_acquire_dquot+0x2e9/0x4c0 fs/ext4/super.c:7022
dqget+0x7b6/0xf10 fs/quota/dquot.c:980
__dquot_initialize+0x332/0xd30 fs/quota/dquot.c:1508
ext4_evict_inode+0x2eb/0x1040 fs/ext4/inode.c:204
evict+0x61e/0xb10 fs/inode.c:846
ext4_orphan_cleanup+0xc38/0x1470 fs/ext4/orphan.c:472
__ext4_fill_super fs/ext4/super.c:5693 [inline]
ext4_fill_super+0x59bb/0x62d0 fs/ext4/super.c:5816
get_tree_bdev_flags+0x431/0x4f0 fs/super.c:1694
vfs_get_tree+0x92/0x2a0 fs/super.c:1754
fc_mount fs/namespace.c:1193 [inline]
do_new_mount_fc fs/namespace.c:3763 [inline]
do_new_mount+0x341/0xd30 fs/namespace.c:3839
do_mount fs/namespace.c:4172 [inline]
__do_sys_mount fs/namespace.c:4361 [inline]
__se_sys_mount+0x31d/0x420 fs/namespace.c:4338
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa12242da8a
Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa120685e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fa120685ee0 RCX: 00007fa12242da8a
RDX: 0000200000000040 RSI: 0000200000000340 RDI: 00007fa120685ea0
RBP: 0000200000000040 R08: 00007fa120685ee0 R09: 0000000000000041
R10: 0000000000000041 R11: 0000000000000246 R12: 0000200000000340
R13: 00007fa120685ea0 R14: 0000000000000522 R15: 0000200000000380