INFO: task syz.8.910:9927 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.8.910       state:D stack:26024 pid:9927  tgid:9926  ppid:9474   task_flags:0x400140 flags:0x00080002
Call Trace:
 <TASK>
 __schedule+0x1798/0x4cc0
 schedule+0x165/0x360
 schedule_preempt_disabled+0x13/0x30
 __mutex_lock+0x7e6/0x1350
 sync_bdevs+0x1ac/0x340
 ksys_sync+0xb9/0x150
 __ia32_sys_sync+0xe/0x20
 do_syscall_64+0xfa/0xfa0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fbdc7b8efc9
RSP: 002b:00007fbdc8a0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
RAX: ffffffffffffffda RBX: 00007fbdc7de5fa0 RCX: 00007fbdc7b8efc9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007fbdc7de5fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fbdc7de6038 R14: 00007fbdc7de5fa0 R15: 00007ffd33183db8
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/35:
 #0: ffffffff8df3d620 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
2 locks held by getty/5640:
 #0: ffff888112f810a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
 #1: ffffc9000356b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
1 lock held by udevd/5813:
 #0: ffff8881096dd358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/5817:
 #0: ffff888109bb3358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/5822:
 #0: ffff88816b4f4358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/5889:
 #0: ffff888109bb7358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/6188:
 #0: ffff888109c43358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/6982:
 #0: ffff888109d03358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/6986:
 #0: ffff88816ada9358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/6988:
 #0: ffff888109d07358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by udevd/6994:
 #0: ffff888109da3358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by syz.8.910/9927:
 #0: ffff888109da3358 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ac/0x340
1 lock held by syz.6.990/10292:
 #0: ffff888109d03358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by syz.4.1169/11029:
 #0: ffff8881096dd358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by syz.5.1426/12078:
 #0: ffff88816ada9358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
1 lock held by syz-executor/12288:
 #0: ffff88823c63a058 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
2 locks held by syz.1.1522/12594:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 35 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250
 nmi_cpu_backtrace+0x39e/0x3d0
 nmi_trigger_cpumask_backtrace+0x17a/0x300
 watchdog+0xf60/0xfa0
 kthread+0x711/0x8a0
 ret_from_fork+0x4bc/0x870
 ret_from_fork_asm+0x1a/0x30
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 12594 Comm: syz.1.1522 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:do_raw_spin_lock+0x12e/0x290
Code: 00 48 89 df be 04 00 00 00 e8 4e f9 87 00 48 8d 7c 24 40 be 04 00 00 00 e8 3f f9 87 00 8b 44 24 40 b9 01 00 00 00 f0 0f b1 0b <0f> 85 dd 00 00 00 65 8b 1d d9 d5 d0 10 48 b9 00 00 00 00 00 fc ff
RSP: 0018:ffffc90000a085a0 EFLAGS: 00000046
RAX: 0000000000000000 RBX: ffff88823c627ac0 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000a085e0
RBP: ffffc90000a08650 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffff520001410bc R12: ffff88823c627ad0
R13: ffff88823c627ac8 R14: 1ffff110478c4f5a R15: 1ffff110478c4f59
FS:  00007feb3f7d86c0(0000) GS:ffff8882a9f32000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f84c29b6358 CR3: 000000001cc64000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 <IRQ>
 _raw_spin_lock_irqsave+0xb3/0xf0
 hrtimer_start_range_ns+0xcb/0x1080
 dummy_urb_enqueue+0x55d/0x780
 usb_hcd_submit_urb+0x325/0x1aa0
 aiptek_irq+0x1aa8/0x2900
 __usb_hcd_giveback_urb+0x376/0x540
 dummy_timer+0x85f/0x44c0
 __hrtimer_run_queues+0x52c/0xc60
 hrtimer_run_softirq+0x187/0x2b0
 handle_softirqs+0x286/0x870
 __irq_exit_rcu+0xca/0x1f0
 irq_exit_rcu+0x9/0x30
 sysvec_apic_timer_interrupt+0xa6/0xc0
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20
RIP: 0010:local_clock_noinstr+0x5/0xe0
Code: c7 c7 e0 82 69 8b e8 1a a3 df f5 cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 53 <66> 90 e8 84 da ff ff 48 03 05 a5 85 35 04 5b c3 cc cc cc cc cc f3
RSP: 0018:ffffc90005f07368 EFLAGS: 00000282
RAX: ffffffff82301b8a RBX: 0000000000140cca RCX: 0000000000080000
RDX: ffffc9002a1e1000 RSI: 000000000007ffff RDI: 0000000000080000
RBP: ffffc90005f07428 R08: ffffffff8f7d1677 R09: 0000000000000000
R10: ffffed1034b05400 R11: fffffbfff1efa2cf R12: fffa8001a582b000
R13: dffffc0000000000 R14: 1ffffffff1b24ea4 R15: 0000000000000000
 local_clock+0x10/0x30
 __set_page_owner+0x7f/0x4c0
 post_alloc_hook+0x240/0x2a0
 get_page_from_freelist+0x2365/0x2440
 __alloc_frozen_pages_noprof+0x181/0x370
 alloc_pages_mpol+0x232/0x4a0
 folio_alloc_mpol_noprof+0x39/0x70
 shmem_alloc_and_add_folio+0x423/0xf40
 shmem_get_folio_gfp+0x59d/0x1660
 shmem_write_begin+0xf7/0x2b0
 generic_perform_write+0x2c5/0x900
 shmem_file_write_iter+0xf8/0x120
 vfs_write+0x5c9/0xb30
 ksys_write+0x145/0x250
 do_syscall_64+0xfa/0xfa0
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7feb3e98da7f
Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
RSP: 002b:00007feb3f7d7df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000008000000 RCX: 00007feb3e98da7f
RDX: 0000000008000000 RSI: 00007feb34600000 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000002223a
R10: 0000000000000002 R11: 0000000000000293 R12: 0000000000000003
R13: 00007feb3f7d7ef0 R14: 00007feb3f7d7eb0 R15: 00007feb34600000
 </TASK>
