./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3721131672 <...> Warning: Permanently added '10.128.1.149' (ECDSA) to the list of known hosts. execve("./syz-executor3721131672", ["./syz-executor3721131672"], 0x7ffd62c99d40 /* 10 vars */) = 0 brk(NULL) = 0x555555c2a000 brk(0x555555c2ac40) = 0x555555c2ac40 arch_prctl(ARCH_SET_FS, 0x555555c2a300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3721131672", 4096) = 28 brk(0x555555c4bc40) = 0x555555c4bc40 brk(0x555555c4c000) = 0x555555c4c000 mprotect(0x7fb7f072b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555c2a5d0) = 3630 ./strace-static-x86_64: Process 3630 attached [pid 3630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3630] setpgid(0, 0) = 0 [pid 3630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 3630] write(3, "1000", 4) = 4 [pid 3630] close(3) = 0 [pid 3630] memfd_create("syzkaller", 0) = 3 [pid 3630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb7e8270000 [pid 3630] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 [pid 3630] munmap(0x7fb7e8270000, 262144) = 0 [pid 3630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 3630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 3630] close(3) = 0 [pid 3630] mkdir("./file0", 0777) = 0 [pid 3630] mount("/dev/loop0", "./file0", "ext4", MS_SYNCHRONOUS|MS_I_VERSION|MS_STRICTATIME, ",errors=continue") = 0 [pid 3630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 3630] chdir("./file0") = 0 [pid 3630] ioctl(4, LOOP_CLR_FD) = 0 [pid 3630] close(4) = 0 [pid 3630] open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_LARGEFILE|O_NOFOLLOW|O_NOATIME, 000) = 4 [pid 3630] pwritev2(4, [{iov_base="\x85", iov_len=1}], 1, 0, RWF_HIPRI|RWF_DSYNC) = 1 syzkaller login: [ 60.187837][ T3630] loop0: detected capacity change from 0 to 512 [ 60.191255][ T3631] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 60.214589][ T3630] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [pid 3630] fallocate(4, 0, 0, 5 [pid 3629] kill(-3630, SIGKILL) = 0 [pid 3629] kill(3630, SIGKILL) = 0 [pid 3629] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 3629] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 3629] getdents64(3, 0x555555c2b620 /* 2 entries */, 32768) = 48 [pid 3629] getdents64(3, 0x555555c2b620 /* 0 entries */, 32768) = 0 [pid 3629] close(3) = 0 [ 76.655916][ T14] cfg80211: failed to load regulatory.db [ 286.574537][ T28] INFO: task syz-executor372:3630 blocked for more than 143 seconds. [ 286.582795][ T28] Not tainted 6.1.0-rc8-syzkaller-00152-g3ecc37918c80 #0 [ 286.590382][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.599165][ T28] task:syz-executor372 state:D stack:26320 pid:3630 ppid:3629 flags:0x00004004 [ 286.608504][ T28] Call Trace: [ 286.611813][ T28] [ 286.614790][ T28] __schedule+0xae9/0x53f0 [ 286.619333][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.624687][ T28] ? _raw_spin_unlock_irqrestore+0x54/0x70 [ 286.630533][ T28] schedule+0xde/0x1b0 [ 286.634721][ T28] io_schedule+0xbe/0x130 [ 286.639072][ T28] bit_wait_io+0x16/0xe0 [ 286.643306][ T28] __wait_on_bit_lock+0x11f/0x1a0 [ 286.648380][ T28] ? bit_wait+0xe0/0xe0 [ 286.652583][ T28] out_of_line_wait_on_bit_lock+0xd9/0x110 [ 286.658421][ T28] ? __wait_on_bit_lock+0x1a0/0x1a0 [ 286.663647][ T28] ? sugov_start+0x580/0x580 [ 286.668338][ T28] __sync_dirty_buffer+0x30e/0x380 [ 286.673496][ T28] __ext4_handle_dirty_metadata+0x2b7/0x6f0 [ 286.679713][ T28] ? __ext4_journal_get_create_access+0x182/0x1f0 [ 286.686261][ T28] ext4_convert_inline_data_nolock+0x6e6/0xf10 [ 286.692435][ T28] ? ext4_destroy_inline_data_nolock+0x580/0x580 [ 286.698810][ T28] ? down_write_killable_nested+0x250/0x250 [ 286.704872][ T28] ? __ext4_journal_start_sb+0x223/0x530 [ 286.710523][ T28] ? ext4_convert_inline_data+0x315/0x5f0 [ 286.716309][ T28] ext4_convert_inline_data+0x517/0x5f0 [ 286.721885][ T28] ? ext4_inline_data_truncate+0xce0/0xce0 [ 286.727778][ T28] ? down_write_killable_nested+0x250/0x250 [ 286.733694][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 286.738982][ T28] ext4_fallocate+0x19a/0x4220 [ 286.743790][ T28] ? lock_release+0x810/0x810 [ 286.748530][ T28] ? ext4_ext_truncate+0x400/0x400 [ 286.753672][ T28] ? ext4_ext_truncate+0x400/0x400 [ 286.758821][ T28] vfs_fallocate+0x48b/0xe00 [ 286.763599][ T28] __x64_sys_fallocate+0xd3/0x140 [ 286.768754][ T28] do_syscall_64+0x39/0xb0 [ 286.773211][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.779136][ T28] RIP: 0033:0x7fb7f06bd529 [ 286.783574][ T28] RSP: 002b:00007ffd4b1f2598 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.792146][ T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb7f06bd529 [ 286.800162][ T28] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 286.808181][ T28] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003 [ 286.816203][ T28] R10: 0000000000000005 R11: 0000000000000246 R12: 00007ffd4b1f25d0 [ 286.824241][ T28] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000000 [ 286.832254][ T28] [ 286.835348][ T28] [ 286.835348][ T28] Showing all locks held in the system: [ 286.843105][ T28] 1 lock held by rcu_tasks_kthre/12: [ 286.848441][ T28] #0: ffffffff8c58f070 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 [ 286.859132][ T28] 1 lock held by rcu_tasks_trace/13: [ 286.864495][ T28] #0: ffffffff8c58ed70 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x26/0xc70 [ 286.875543][ T28] 1 lock held by khungtaskd/28: [ 286.880382][ T28] #0: ffffffff8c58fbc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x57/0x264 [ 286.890472][ T28] 2 locks held by getty/3306: [ 286.895230][ T28] #0: ffff888027999098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 286.905213][ T28] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 286.915381][ T28] 3 locks held by syz-executor372/3630: [ 286.920917][ T28] #0: ffff888024d12460 (sb_writers#4){.+.+}-{0:0}, at: __x64_sys_fallocate+0xd3/0x140 [ 286.930682][ T28] #1: ffff8880738eca38 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_fallocate+0x192/0x4220 [ 286.941439][ T28] #2: ffff8880738ec700 (&ei->xattr_sem){++++}-{3:3}, at: ext4_convert_inline_data+0x34f/0x5f0 [ 286.952042][ T28] [ 286.954407][ T28] ============================================= [ 286.954407][ T28] [ 286.962862][ T28] NMI backtrace for cpu 0 [ 286.967305][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.0-rc8-syzkaller-00152-g3ecc37918c80 #0 [ 286.977172][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 286.987338][ T28] Call Trace: [ 286.990641][ T28] [ 286.993570][ T28] dump_stack_lvl+0xd1/0x138 [ 286.998183][ T28] nmi_cpu_backtrace.cold+0x24/0x18a [ 287.003476][ T28] nmi_trigger_cpumask_backtrace+0x333/0x3c0 [ 287.009479][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 287.014881][ T28] watchdog+0xc75/0xfc0 [ 287.019056][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.025038][ T28] kthread+0x2e8/0x3a0 [ 287.029113][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 287.034744][ T28] ret_from_fork+0x1f/0x30 [ 287.039183][ T28] [ 287.042362][ T28] Sending NMI from CPU 0 to CPUs 1: [ 287.047686][ C1] NMI backtrace for cpu 1 [ 287.047698][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.1.0-rc8-syzkaller-00152-g3ecc37918c80 #0 [ 287.047716][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 287.047726][ C1] RIP: 0010:pm_qos_read_value+0x26/0x40 [ 287.047751][ C1] Code: 00 00 00 00 66 0f 1f 00 53 48 89 fb e8 e3 94 1c 00 48 8d 7b 10 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 <84> c0 74 04 3c 03 7e 05 8b 43 10 5b c3 e8 c8 6e 69 00 eb f4 66 0f [ 287.047767][ C1] RSP: 0018:ffffc90000177cd8 EFLAGS: 00000012 [ 287.047782][ C1] RAX: 0000000000000000 RBX: ffff88801770f800 RCX: 0000000000000000 [ 287.047792][ C1] RDX: 1ffff11002ee1f02 RSI: ffffffff8163891d RDI: ffff88801770f810 [ 287.047803][ C1] RBP: ffff88801770f800 R08: 0000000000000007 R09: fffffffffffff000 [ 287.047814][ C1] R10: ffff88801770f800 R11: 0000000000000001 R12: 0000000000000001 [ 287.047830][ C1] R13: 0000000000000001 R14: ffffffff8e51a750 R15: ffff88801927e800 [ 287.047843][ C1] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 287.047858][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.047873][ C1] CR2: 000055cd26e94680 CR3: 000000000c28e000 CR4: 0000000000350ee0 [ 287.047884][ C1] Call Trace: [ 287.047889][ C1] [ 287.047895][ C1] cpuidle_governor_latency_req+0x6b/0xb0 [ 287.047960][ C1] menu_select+0x113/0x1910 [ 287.047985][ C1] ? cpuidle_enter_state+0x267/0xd40 [ 287.048007][ C1] ? prepare_to_wait+0x380/0x380 [ 287.048034][ C1] ? menu_reflect+0x130/0x130 [ 287.048059][ C1] do_idle+0x37f/0x590 [ 287.048077][ C1] ? arch_cpu_idle_exit+0x30/0x30 [ 287.048098][ C1] cpu_startup_entry+0x18/0x20 [ 287.048114][ C1] start_secondary+0x256/0x300 [ 287.048135][ C1] ? set_cpu_sibling_map+0x24f0/0x24f0 [ 287.048156][ C1] secondary_startup_64_no_verify+0xce/0xdb [ 287.048186][ C1] [ 287.048648][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 287.238621][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.0-rc8-syzkaller-00152-g3ecc37918c80 #0 [ 287.248415][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 287.258462][ T28] Call Trace: [ 287.261737][ T28] [ 287.264750][ T28] dump_stack_lvl+0xd1/0x138 [ 287.269439][ T28] panic+0x2cc/0x626 [ 287.273338][ T28] ? panic_print_sys_info.part.0+0x110/0x110 [ 287.279498][ T28] ? preempt_schedule_thunk+0x1a/0x1c [ 287.284881][ T28] ? watchdog.cold+0x130/0x158 [ 287.289662][ T28] watchdog.cold+0x141/0x158 [ 287.294348][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 287.300333][ T28] kthread+0x2e8/0x3a0 [ 287.304642][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 287.310309][ T28] ret_from_fork+0x1f/0x30 [ 287.314748][ T28] [ 287.318498][ T28] Kernel Offset: disabled [ 287.323598][ T28] Rebooting in 86400 seconds..