[syzbot] WARNING in inc_nlink (3)

[syzbot] WARNING in inc_nlink (3)

[syzbot]

Hello,

syzbot found the following issue on:

HEAD commit:    aad611a868d1 Merge tag 'perf-tools-fixes-for-v5.17-2022-03..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=11ae4ede700000
kernel config:  https://syzkaller.appspot.com/x/.config?x=aba0ab2928a512c2
dashboard link: https://syzkaller.appspot.com/bug?extid=2b3af42c0644df1e4da9
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=12b9eb31700000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1429c4c5700000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2b3af42c0644df1e4da9@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 3 PID: 3671 at fs/inode.c:388 inc_nlink+0x144/0x160 fs/inode.c:388
Modules linked in:
CPU: 3 PID: 3671 Comm: syz-executor254 Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
RIP: 0010:inc_nlink+0x144/0x160 fs/inode.c:388
Code: ff 4c 89 e7 e8 0d 97 ec ff e9 42 ff ff ff 4c 89 e7 e8 90 96 ec ff e9 fc fe ff ff 4c 89 e7 e8 83 96 ec ff eb d4 e8 9c b0 a5 ff <0f> 0b e9 6e ff ff ff e8 80 96 ec ff e9 44 ff ff ff e8 76 96 ec ff
RSP: 0018:ffffc900027cfcc0 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff8880266e06c0 RCX: 0000000000000000
RDX: ffff888022f24100 RSI: ffffffff81d244f4 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: ffff8880266e0183
R10: ffffffff81d24460 R11: 000000000000001d R12: ffff8880266e0708
R13: ffff888026531d78 R14: ffff8880266e00f8 R15: ffff88801d309c00
FS:  00005555565363c0(0000) GS:ffff88802ca00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564785040878 CR3: 000000001626c000 CR4: 0000000000150ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 v9fs_vfs_mkdir_dotl+0x478/0x770 fs/9p/vfs_inode_dotl.c:454
 vfs_mkdir+0x1c3/0x3b0 fs/namei.c:3933
 do_mkdirat+0x285/0x300 fs/namei.c:3959
 __do_sys_mkdir fs/namei.c:3979 [inline]
 __se_sys_mkdir fs/namei.c:3977 [inline]
 __x64_sys_mkdir+0xf2/0x140 fs/namei.c:3977
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f5da8ba5829
Code: 28 c3 e8 5a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd6deb21e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
RAX: ffffffffffffffda RBX: 00007ffd6deb21f8 RCX: 00007f5da8ba5829
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0
RBP: 00007ffd6deb21f0 R08: 00007f5da8b63af0 R09: 00007f5da8b63af0
R10: 0000000020000340 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

Re: [syzbot] WARNING in inc_nlink (3)

[Matthew Wilcox]

On Fri, Mar 18, 2022 at 08:26:06AM -0700, syzbot wrote:
> Hello,
> 
> syzbot has tested the proposed patch and the reproducer did not trigger any issue:

FWIW, neither of Hillf's patches have made it to the list.

https://lore.kernel.org/linux-fsdevel/000000000000e8202805da7fc37b@google.com/T/#u

Hillf, can you fix your mail setup?

Re: [syzbot] WARNING in inc_nlink (3)

[syzbot]

Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+2b3af42c0644df1e4da9@syzkaller.appspotmail.com

Tested on:

commit:         aad611a8 Merge tag 'perf-tools-fixes-for-v5.17-2022-03..
git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
kernel config:  https://syzkaller.appspot.com/x/.config?x=aba0ab2928a512c2
dashboard link: https://syzkaller.appspot.com/bug?extid=2b3af42c0644df1e4da9
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch:          https://syzkaller.appspot.com/x/patch.diff?x=13edf28d700000

Note: testing is done by a robot and is best-effort only.

Re: [syzbot] WARNING in inc_nlink (3)

[syzbot]

Hello,

syzbot tried to test the proposed patch but the build/boot failed:

  T40]  __wait_for_common+0x2af/0x360
[  293.773463][   T40]  ? usleep_range_state+0x1b0/0x1b0
[  293.779742][   T40]  ? bit_wait_io_timeout+0x160/0x160
[  293.785607][   T40]  ? mutex_lock_io_nested+0x1150/0x1150
[  293.791601][   T40]  cpuhp_issue_call+0x4c0/0x900
[  293.796921][   T40]  __cpuhp_setup_state_cpuslocked+0x362/0x8a0
[  293.805189][   T40]  ? nmi_panic_self_stop+0x13/0x20
[  293.810867][   T40]  ? nmi_panic_self_stop+0x20/0x20
[  293.816546][   T40]  ? msr_devnode+0x60/0x60
[  293.821286][   T40]  ? nmi_panic_self_stop+0x20/0x20
[  293.826805][   T40]  __cpuhp_setup_state+0x102/0x2e0
[  293.832648][   T40]  ? set_kbd_reboot+0x85/0x85
[  293.838219][   T40]  msr_init+0xba/0xf8
[  293.842603][   T40]  do_one_initcall+0x103/0x650
[  293.847647][   T40]  ? trace_event_raw_event_initcall_level+0x1f0/0x1f0
[  293.854724][   T40]  ? parameq+0xa0/0x170
[  293.859103][   T40]  kernel_init_freeable+0x6b1/0x73a
[  293.864814][   T40]  ? rest_init+0x3e0/0x3e0
[  293.869732][   T40]  kernel_init+0x1a/0x1d0
[  293.874300][   T40]  ? rest_init+0x3e0/0x3e0
[  293.878927][   T40]  ret_from_fork+0x1f/0x30
[  293.883729][   T40]  </TASK>
[  293.887649][   T40] INFO: task kworker/u17:1:14 blocked for more than 143 seconds.
[  293.898601][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  293.913284][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  293.924199][   T40] task:kworker/u17:1   state:D stack:25864 pid:   14 ppid:     2 flags:0x00004000
[  293.938171][   T40] Workqueue: events_unbound async_run_entry_fn
[  293.946835][   T40] Call Trace:
[  293.951616][   T40]  <TASK>
[  293.955924][   T40]  __schedule+0xa94/0x4910
[  293.962011][   T40]  ? rwsem_down_write_slowpath+0x4f0/0x1110
[  293.969574][   T40]  ? io_schedule_timeout+0x180/0x180
[  293.978333][   T40]  ? mark_held_locks+0x9f/0xe0
[  293.985859][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  293.994578][   T40]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  294.003631][   T40]  schedule+0xd2/0x260
[  294.008912][   T40]  rwsem_down_write_slowpath+0x634/0x1110
[  294.016333][   T40]  ? rwsem_mark_wake+0x960/0x960
[  294.023246][   T40]  ? lock_release+0x720/0x720
[  294.031124][   T40]  down_write+0x135/0x150
[  294.037929][   T40]  ? down_write_killable_nested+0x180/0x180
[  294.046559][   T40]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  294.055336][   T40]  ? security_inode_mkdir+0xd6/0x100
[  294.062636][   T40]  vfs_mkdir+0x14e/0x480
[  294.068561][   T40]  ? security_path_mkdir+0x11b/0x160
[  294.076470][   T40]  init_mkdir+0x1cb/0x21d
[  294.083086][   T40]  ? init_unlink+0x1f/0x1f
[  294.089376][   T40]  ? eat+0x8/0x21
[  294.093573][   T40]  do_name+0x223/0x4e5
[  294.099942][   T40]  write_buffer+0x69/0x8c
[  294.106118][   T40]  unpack_to_rootfs+0x228/0x5ce
[  294.112290][   T40]  ? do_utime.isra.0+0xb1/0xb1
[  294.117526][   T40]  ? reserve_initrd_mem+0x31c/0x31c
[  294.122933][   T40]  do_populate_rootfs+0x8c/0x59b
[  294.127669][   T40]  ? reserve_initrd_mem+0x31c/0x31c
[  294.132963][   T40]  ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[  294.138730][   T40]  ? ktime_get+0x30b/0x470
[  294.143235][   T40]  async_run_entry_fn+0x9d/0x550
[  294.148261][   T40]  process_one_work+0x9ac/0x1650
[  294.153403][   T40]  ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[  294.158974][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  294.163988][   T40]  ? _raw_spin_lock_irq+0x41/0x50
[  294.169102][   T40]  worker_thread+0x657/0x1110
[  294.174037][   T40]  ? process_one_work+0x1650/0x1650
[  294.179217][   T40]  kthread+0x2e9/0x3a0
[  294.183411][   T40]  ? kthread_complete_and_exit+0x40/0x40
[  294.189044][   T40]  ret_from_fork+0x1f/0x30
[  294.193523][   T40]  </TASK>
[  294.196714][   T40] INFO: task cpuhp/0:18 blocked for more than 143 seconds.
[  294.203827][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  294.212126][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  294.220975][   T40] task:cpuhp/0         state:D stack:28392 pid:   18 ppid:     2 flags:0x00004000
[  294.230370][   T40] Call Trace:
[  294.233816][   T40]  <TASK>
[  294.237042][   T40]  __schedule+0xa94/0x4910
[  294.242345][   T40]  ? io_schedule_timeout+0x180/0x180
[  294.248784][   T40]  ? lock_chain_count+0x20/0x20
[  294.254897][   T40]  ? update_load_avg+0x1361/0x1c80
[  294.261329][   T40]  schedule+0xd2/0x260
[  294.266092][   T40]  schedule_timeout+0x1db/0x2a0
[  294.271547][   T40]  ? usleep_range_state+0x1b0/0x1b0
[  294.277306][   T40]  ? __wait_for_common+0x2a6/0x360
[  294.284078][   T40]  ? mark_held_locks+0x9f/0xe0
[  294.289477][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  294.295280][   T40]  ? _raw_spin_unlock_irq+0x1f/0x40
[  294.300495][   T40]  __wait_for_common+0x2af/0x360
[  294.305629][   T40]  ? usleep_range_state+0x1b0/0x1b0
[  294.310921][   T40]  ? bit_wait_io_timeout+0x160/0x160
[  294.316375][   T40]  ? do_raw_spin_lock+0x120/0x2b0
[  294.321595][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  294.326517][   T40]  devtmpfs_submit_req+0xa8/0x100
[  294.331962][   T40]  devtmpfs_create_node+0x175/0x210
[  294.337434][   T40]  ? public_dev_mount+0xf0/0xf0
[  294.343540][   T40]  ? up_write+0x148/0x470
[  294.349334][   T40]  ? kernfs_activate+0x1c4/0x240
[  294.356054][   T40]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  294.364067][   T40]  ? kernfs_put+0x31/0x50
[  294.369611][   T40]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  294.377377][   T40]  ? sysfs_do_create_link_sd+0xbb/0x140
[  294.383203][   T40]  ? sysfs_create_link+0x67/0xc0
[  294.388686][   T40]  device_add+0x1887/0x1e20
[  294.393846][   T40]  ? __fw_devlink_link_to_suppliers+0x2d0/0x2d0
[  294.400571][   T40]  ? rcu_read_lock_sched_held+0x3a/0x70
[  294.406387][   T40]  ? kfree+0x19e/0x2b0
[  294.410641][   T40]  device_create_groups_vargs+0x203/0x280
[  294.417000][   T40]  device_create+0xdf/0x120
[  294.421769][   T40]  ? device_create_groups_vargs+0x280/0x280
[  294.427907][   T40]  ? msr_devnode+0x60/0x60
[  294.432595][   T40]  ? trace_cpuhp_enter+0x1a0/0x240
[  294.438127][   T40]  ? msr_devnode+0x60/0x60
[  294.443645][   T40]  msr_device_create+0x22/0x40
[  294.448754][   T40]  cpuhp_invoke_callback+0x3b5/0x9a0
[  294.454362][   T40]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  294.460401][   T40]  cpuhp_thread_fun+0x477/0x6f0
[  294.465363][   T40]  ? cpuhp_invoke_callback+0x9a0/0x9a0
[  294.470781][   T40]  ? cpuhp_invoke_callback+0x9a0/0x9a0
[  294.476300][   T40]  smpboot_thread_fn+0x645/0x9c0
[  294.482127][   T40]  ? smpboot_register_percpu_thread+0x370/0x370
[  294.488774][   T40]  kthread+0x2e9/0x3a0
[  294.492910][   T40]  ? kthread_complete_and_exit+0x40/0x40
[  294.498827][   T40]  ret_from_fork+0x1f/0x30
[  294.503371][   T40]  </TASK>
[  294.506551][   T40] INFO: task kdevtmpfs:34 blocked for more than 144 seconds.
[  294.513994][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  294.522452][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  294.531256][   T40] task:kdevtmpfs       state:D stack:27864 pid:   34 ppid:     2 flags:0x00004000
[  294.540541][   T40] Call Trace:
[  294.543865][   T40]  <TASK>
[  294.546801][   T40]  __schedule+0xa94/0x4910
[  294.551370][   T40]  ? rwsem_down_write_slowpath+0x4f0/0x1110
[  294.557485][   T40]  ? io_schedule_timeout+0x180/0x180
[  294.564113][   T40]  ? mark_held_locks+0x9f/0xe0
[  294.569111][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  294.574299][   T40]  schedule+0xd2/0x260
[  294.578540][   T40]  rwsem_down_write_slowpath+0x634/0x1110
[  294.585525][   T40]  ? rwsem_mark_wake+0x960/0x960
[  294.591953][   T40]  ? lock_release+0x720/0x720
[  294.597261][   T40]  down_write+0x135/0x150
[  294.602723][   T40]  ? down_write_killable_nested+0x180/0x180
[  294.609897][   T40]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  294.617453][   T40]  ? security_inode_mkdir+0xd6/0x100
[  294.624180][   T40]  vfs_mkdir+0x14e/0x480
[  294.628766][   T40]  handle_create+0x198/0x4b3
[  294.633669][   T40]  ? handle_remove+0x5fe/0x5fe
[  294.638746][   T40]  ? find_held_lock+0x2d/0x110
[  294.644918][   T40]  ? devtmpfsd+0xaa/0x2a3
[  294.650442][   T40]  ? lock_downgrade+0x6e0/0x6e0
[  294.656642][   T40]  ? do_raw_spin_lock+0x120/0x2b0
[  294.662888][   T40]  ? rwlock_bug.part.0+0x90/0x90
[  294.667815][   T40]  devtmpfsd+0x1a4/0x2a3
[  294.672413][   T40]  ? dmar_validate_one_drhd+0x24d/0x24d
[  294.678087][   T40]  kthread+0x2e9/0x3a0
[  294.682289][   T40]  ? kthread_complete_and_exit+0x40/0x40
[  294.688394][   T40]  ret_from_fork+0x1f/0x30
[  294.694162][   T40]  </TASK>
[  294.698633][   T40] INFO: task kworker/u17:2:72 blocked for more than 144 seconds.
[  294.707590][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  294.717373][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  294.728402][   T40] task:kworker/u17:2   state:D stack:30064 pid:   72 ppid:     2 flags:0x00004000
[  294.739692][   T40] Call Trace:
[  294.743823][   T40]  <TASK>
[  294.747163][   T40]  __schedule+0xa94/0x4910
[  294.751403][   T40]  ? io_schedule_timeout+0x180/0x180
[  294.756615][   T40]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  294.763671][   T40]  schedule+0xd2/0x260
[  294.768621][   T40]  async_synchronize_cookie_domain+0x1f9/0x270
[  294.776319][   T40]  ? lowest_in_progress+0xf0/0xf0
[  294.782484][   T40]  ? __put_cred+0x1ca/0x250
[  294.787920][   T40]  ? finish_wait+0x270/0x270
[  294.793531][   T40]  wait_for_initramfs+0x54/0x70
[  294.799402][   T40]  call_usermodehelper_exec_async+0x26f/0x580
[  294.805433][   T40]  ? umh_complete+0x90/0x90
[  294.811421][   T40]  ret_from_fork+0x1f/0x30
[  294.815924][   T40]  </TASK>
[  294.818784][   T40] INFO: task kworker/u17:2:73 blocked for more than 144 seconds.
[  294.828170][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  294.836590][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  294.847531][   T40] task:kworker/u17:2   state:D stack:30568 pid:   73 ppid:     2 flags:0x00004000
[  294.858846][   T40] Call Trace:
[  294.862986][   T40]  <TASK>
[  294.867040][   T40]  __schedule+0xa94/0x4910
[  294.872483][   T40]  ? io_schedule_timeout+0x180/0x180
[  294.878112][   T40]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  294.886377][   T40]  schedule+0xd2/0x260
[  294.891591][   T40]  async_synchronize_cookie_domain+0x1f9/0x270
[  294.898880][   T40]  ? lowest_in_progress+0xf0/0xf0
[  294.904378][   T40]  ? __put_cred+0x1ca/0x250
[  294.909096][   T40]  ? finish_wait+0x270/0x270
[  294.913629][   T40]  wait_for_initramfs+0x54/0x70
[  294.919093][   T40]  call_usermodehelper_exec_async+0x26f/0x580
[  294.925513][   T40]  ? umh_complete+0x90/0x90
[  294.929924][   T40]  ret_from_fork+0x1f/0x30
[  294.934401][   T40]  </TASK>
[  294.937561][   T40] INFO: task kworker/u17:3:74 blocked for more than 144 seconds.
[  294.945887][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  294.954060][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  294.963310][   T40] task:kworker/u17:3   state:D stack:30568 pid:   74 ppid:     2 flags:0x00004000
[  294.972248][   T40] Call Trace:
[  294.975488][   T40]  <TASK>
[  294.978265][   T40]  __schedule+0xa94/0x4910
[  294.983603][   T40]  ? io_schedule_timeout+0x180/0x180
[  294.989790][   T40]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  294.995642][   T40]  schedule+0xd2/0x260
[  294.999416][   T40]  async_synchronize_cookie_domain+0x1f9/0x270
[  295.005448][   T40]  ? lowest_in_progress+0xf0/0xf0
[  295.010336][   T40]  ? __put_cred+0x1ca/0x250
[  295.014764][   T40]  ? finish_wait+0x270/0x270
[  295.019451][   T40]  wait_for_initramfs+0x54/0x70
[  295.024262][   T40]  call_usermodehelper_exec_async+0x26f/0x580
[  295.030181][   T40]  ? umh_complete+0x90/0x90
[  295.034685][   T40]  ret_from_fork+0x1f/0x30
[  295.038963][   T40]  </TASK>
[  295.042042][   T40] INFO: task kworker/u17:3:75 blocked for more than 144 seconds.
[  295.049634][   T40]       Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  295.057755][   T40] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  295.068019][   T40] task:kworker/u17:3   state:D stack:30568 pid:   75 ppid:     2 flags:0x00004000
[  295.077460][   T40] Call Trace:
[  295.080693][   T40]  <TASK>
[  295.083643][   T40]  __schedule+0xa94/0x4910
[  295.087978][   T40]  ? io_schedule_timeout+0x180/0x180
[  295.094151][   T40]  ? _raw_spin_unlock_irqrestore+0x50/0x70
[  295.101291][   T40]  schedule+0xd2/0x260
[  295.106289][   T40]  async_synchronize_cookie_domain+0x1f9/0x270
[  295.113479][   T40]  ? lowest_in_progress+0xf0/0xf0
[  295.118558][   T40]  ? __put_cred+0x1ca/0x250
[  295.123338][   T40]  ? finish_wait+0x270/0x270
[  295.128015][   T40]  wait_for_initramfs+0x54/0x70
[  295.132899][   T40]  call_usermodehelper_exec_async+0x26f/0x580
[  295.139455][   T40]  ? umh_complete+0x90/0x90
[  295.144352][   T40]  ret_from_fork+0x1f/0x30
[  295.149168][   T40]  </TASK>
[  295.152281][   T40] 
[  295.152281][   T40] Showing all locks held in the system:
[  295.160764][   T40] 2 locks held by swapper/0/1:
[  295.165758][   T40]  #0: ffffffff8ba2dbd0 (cpu_hotplug_lock){++++}-{0:0}, at: msr_init+0xba/0xf8
[  295.174911][   T40]  #1: ffffffff8ba30168 (cpuhp_state_mutex){+.+.}-{3:3}, at: __cpuhp_setup_state_cpuslocked+0xfb/0x8a0
[  295.187105][   T40] 5 locks held by kworker/u17:1/14:
[  295.192488][   T40]  #0: ffff888010c75138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1650
[  295.204173][   T40]  #1: ffffc9000061fdb8 ((work_completion)(&entry->work)){+.+.}-{0:0}, at: process_one_work+0x8c4/0x1650
[  295.216602][   T40]  #2: ffff888011650460 (sb_writers#2){.+.+}-{0:0}, at: filename_create+0xf3/0x480
[  295.226100][   T40]  #3: ffff888011004bb0 (&sb->s_type->i_mutex_key/1){+.+.}-{3:3}, at: filename_create+0x158/0x480
[  295.237689][   T40]  #4: ffff888011004bb0 (&sb->s_type->i_mutex_key){++++}-{3:3}, at: vfs_mkdir+0x14e/0x480
[  295.248214][   T40] 2 locks held by cpuhp/0/18:
[  295.253178][   T40]  #0: ffffffff8ba2dbd0 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x113/0x6f0
[  295.263845][   T40]  #1: ffffffff8ba30220 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x113/0x6f0
[  295.273729][   T40] 3 locks held by kdevtmpfs/34:
[  295.278876][   T40]  #0: ffff888011c2a460 (sb_writers){.+.+}-{0:0}, at: filename_create+0xf3/0x480
[  295.288685][   T40]  #1: ffff8880402fe2b8 (&type->i_mutex_dir_key/1){+.+.}-{3:3}, at: filename_create+0x158/0x480
[  295.299519][   T40]  #2: ffff8880402fe2b8 (&type->i_mutex_dir_key#2){++++}-{3:3}, at: vfs_mkdir+0x14e/0x480
[  295.309472][   T40] 1 lock held by khungtaskd/40:
[  295.314423][   T40]  #0: ffffffff8bb820a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[  295.324434][   T40] 2 locks held by kworker/u17:3/71:
[  295.329391][   T40]  #0: ffff888010c75138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1650
[  295.341345][   T40]  #1: ffffc90000c87db8 ((kfence_timer).work){+.+.}-{0:0}, at: process_one_work+0x8c4/0x1650
[  295.351499][   T40] 
[  295.353647][   T40] =============================================
[  295.353647][   T40] 
[  295.361947][   T40] Kernel panic - not syncing: hung_task: blocked tasks
[  295.368642][   T40] CPU: 0 PID: 40 Comm: khungtaskd Not tainted 5.17.0-rc7-syzkaller-00235-gaad611a868d1-dirty #0
[  295.371822][   T40] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[  295.371822][   T40] Call Trace:
[  295.371822][   T40]  <TASK>
[  295.371822][   T40]  dump_stack_lvl+0xcd/0x134
[  295.371822][   T40]  panic+0x2b0/0x6dd
[  295.371822][   T40]  ? __warn_printk+0xf3/0xf3
[  295.371822][   T40]  ? watchdog.cold+0x130/0x158
[  295.371822][   T40]  watchdog.cold+0x141/0x158
[  295.371822][   T40]  ? proc_dohung_task_timeout_secs+0x80/0x80
[  295.371822][   T40]  kthread+0x2e9/0x3a0
[  295.371822][   T40]  ? kthread_complete_and_exit+0x40/0x40
[  295.371822][   T40]  ret_from_fork+0x1f/0x30
[  295.371822][   T40]  </TASK>
[  295.371822][   T40] Kernel Offset: disabled
[  295.371822][   T40] Rebooting in 86400 seconds..


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=10b74233700000


Tested on:

commit:         aad611a8 Merge tag 'perf-tools-fixes-for-v5.17-2022-03..
git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
kernel config:  https://syzkaller.appspot.com/x/.config?x=aba0ab2928a512c2
dashboard link: https://syzkaller.appspot.com/bug?extid=2b3af42c0644df1e4da9
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1223085d700000