INFO: task syz-executor3:21310 blocked for more than 140 seconds.
Not tainted 5.0.0-rc4+ #51
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kobject: 'loop5' (000000005e46e8e8): kobject_uevent_env
kobject: 'loop5' (000000005e46e8e8): fill_kobj_path: path = '/devices/virtual/block/loop5'
syz-executor3 D26808 21310 12893 0x00000000
Call Trace:
kobject: 'loop0' (0000000053574908): kobject_uevent_env
context_switch kernel/sched/core.c:2844 [inline]
__schedule+0x897/0x1e60 kernel/sched/core.c:3485
kobject: 'loop0' (0000000053574908): fill_kobj_path: path = '/devices/virtual/block/loop0'
F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
kobject: 'loop3' (0000000027f4fa25): kobject_uevent_env
kobject: 'loop3' (0000000027f4fa25): fill_kobj_path: path = '/devices/virtual/block/loop3'
schedule+0xfe/0x350 kernel/sched/core.c:3529
kobject: 'loop1' (00000000ba6cfa92): kobject_uevent_env
attempt to access beyond end of device
kobject: 'loop1' (00000000ba6cfa92): fill_kobj_path: path = '/devices/virtual/block/loop1'
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3587
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0xa3b/0x1670 kernel/locking/mutex.c:1072
loop5: rw=12288, want=8200, limit=20
kobject: 'loop2' (00000000ebbc0c92): kobject_uevent_env
attempt to access beyond end of device
kobject: 'loop2' (00000000ebbc0c92): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop0' (0000000053574908): kobject_uevent_env
loop5: rw=12288, want=12296, limit=20
kobject: 'loop0' (0000000053574908): fill_kobj_path: path = '/devices/virtual/block/loop0'
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087
F2FS-fs (loop5): Failed to get valid F2FS checkpoint
F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
mon_bin_fetch+0x37/0x340 drivers/usb/mon/mon_bin.c:909
F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
attempt to access beyond end of device
mon_bin_ioctl+0x29d/0xe20 drivers/usb/mon/mon_bin.c:1091
kobject: 'loop2' (00000000ebbc0c92): kobject_uevent_env
loop5: rw=12288, want=8200, limit=20
kobject: 'loop2' (00000000ebbc0c92): fill_kobj_path: path = '/devices/virtual/block/loop2'
attempt to access beyond end of device
kobject: 'loop3' (0000000027f4fa25): kobject_uevent_env
loop5: rw=12288, want=12296, limit=20
kobject: 'loop3' (0000000027f4fa25): fill_kobj_path: path = '/devices/virtual/block/loop3'
F2FS-fs (loop5): Failed to get valid F2FS checkpoint
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:509 [inline]
do_vfs_ioctl+0x107b/0x17d0 fs/ioctl.c:696
ksys_ioctl+0xab/0xd0 fs/ioctl.c:713
__do_sys_ioctl fs/ioctl.c:720 [inline]
__se_sys_ioctl fs/ioctl.c:718 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:718
do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458089
Code: Bad RIP value.
RSP: 002b:00007fdd92893c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458089
RDX: 0000000020000000 RSI: 00000000c0109207 RDI: 0000000000000008
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdd928946d4
R13: 00000000004c11ab R14: 00000000004d2ed8 R15: 00000000ffffffff
Showing all locks held in the system:
1 lock held by khungtaskd/1039:
#0: 000000001f0c4a16 (rcu_read_lock){....}, at: debug_show_all_locks+0xc6/0x41d kernel/locking/lockdep.c:4389
2 locks held by rsyslogd/7873:
#0: 00000000937669be (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1b3/0x1f0 fs/file.c:795
#1: 000000001f0c4a16 (rcu_read_lock){....}, at: double_lock_hb kernel/futex.c:1564 [inline]
#1: 000000001f0c4a16 (rcu_read_lock){....}, at: double_lock_hb kernel/futex.c:1559 [inline]
#1: 000000001f0c4a16 (rcu_read_lock){....}, at: futex_wake_op kernel/futex.c:1704 [inline]
#1: 000000001f0c4a16 (rcu_read_lock){....}, at: do_futex+0x1520/0x2910 kernel/futex.c:3607
2 locks held by getty/7964:
#0: 00000000f98151d3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 000000003c6561f2 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7965:
#0: 00000000bee5a753 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 00000000f6aa94b9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7966:
#0: 00000000fa109b35 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 0000000036ce589e (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7967:
#0: 00000000de8650c9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 0000000042163af8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7968:
#0: 000000001ca351ee (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 000000005f4586ff (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7969:
#0: 00000000f6d69506 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 00000000c49c097c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by getty/7970:
#0: 00000000fede17bf (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
#1: 00000000a8bc44ef (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x30a/0x1eb0 drivers/tty/n_tty.c:2154
2 locks held by kworker/u4:3/32636:
1 lock held by syz-executor3/21294:
#0: 0000000009176c4f (&rp->fetch_lock){+.+.}, at: mon_bin_fetch+0x37/0x340 drivers/usb/mon/mon_bin.c:909
1 lock held by syz-executor3/21310:
#0: 0000000009176c4f (&rp->fetch_lock){+.+.}, at: mon_bin_fetch+0x37/0x340 drivers/usb/mon/mon_bin.c:909
1 lock held by syz-executor1/21798:
#0: 00000000ddc11a3f (&rp->fetch_lock){+.+.}, at: mon_bin_fetch+0x37/0x340 drivers/usb/mon/mon_bin.c:909
2 locks held by kworker/0:0/23746:
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:220 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline]
#0: 0000000096c86014 ((wq_completion)"events"){+.+.}, at: process_one_work+0xbc7/0x1ce0 kernel/workqueue.c:2124
#1: 0000000081caf7b9 (xfrm_state_gc_work){+.+.}, at: process_one_work+0xc1d/0x1ce0 kernel/workqueue.c:2128
1 lock held by syz-executor4/28387:
#0: 00000000edfc0b96 (event_mutex){+.+.}, at: perf_trace_destroy+0x28/0x100 kernel/trace/trace_event_perf.c:236
1 lock held by syz-executor5/28408:
#0: 000000005d1e3a9a (loop_ctl_mutex){+.+.}, at: __loop_clr_fd+0x88/0xc90 drivers/block/loop.c:1046
2 locks held by blkid/28428:
#0: 00000000cab448ca (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x19b/0x1560 fs/block_dev.c:1494
#1: 000000005d1e3a9a (loop_ctl_mutex){+.+.}, at: lo_open+0x1d/0xd0 drivers/block/loop.c:1722
2 locks held by blkid/28429:
#0: 0000000027d8a547 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x19b/0x1560 fs/block_dev.c:1494
#1: 000000005d1e3a9a (loop_ctl_mutex){+.+.}, at: lo_open+0x1d/0xd0 drivers/block/loop.c:1722
2 locks held by blkid/28430:
#0: 0000000015831a82 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x19b/0x1560 fs/block_dev.c:1494
#1: 000000005d1e3a9a (loop_ctl_mutex){+.+.}, at: lo_open+0x1d/0xd0 drivers/block/loop.c:1722
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 1039 Comm: khungtaskd Not tainted 5.0.0-rc4+ #51
kobject: 'loop5' (000000005e46e8e8): kobject_uevent_env
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1db/0x2d0 lib/dump_stack.c:113
nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62
kobject: 'loop5' (000000005e46e8e8): fill_kobj_path: path = '/devices/virtual/block/loop5'
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
watchdog+0xbbb/0x1170 kernel/hung_task.c:287
kobject: 'loop5' (000000005e46e8e8): kobject_uevent_env
kobject: 'loop5' (000000005e46e8e8): fill_kobj_path: path = '/devices/virtual/block/loop5'
kthread+0x357/0x430 kernel/kthread.c:246
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 1 to CPUs 0:
INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.352 msecs
NMI backtrace for cpu 0
CPU: 0 PID: 14548 Comm: udevd Not tainted 5.0.0-rc4+ #51
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:bpf_prog_kallsyms_find+0xe5/0x4b0 kernel/bpf/core.c:626
Code: ff 41 83 fc 01 74 57 45 31 e4 e8 c6 48 f3 ff 4c 89 e0 48 ba 00 00 00 00 00 fc ff df 48 03 95 d8 fe ff ff 48 c7 02 00 00 00 00 <48> c7 42 08 00 00 00 00 c7 42 10 00 00 00 00 48 8b 4d d0 65 48 33
RSP: 0018:ffff88809ea16e98 EFLAGS: 00000286
RAX: 0000000000000000 RBX: 0000000000000058 RCX: ffffffff818ebc2e
RDX: ffffed1013d42ddb RSI: ffffffff818ebb9a RDI: 0000000000000004
RBP: ffff88809ea16fc0 R08: ffff8880541ce700 R09: ffffed1015cc5b90
R10: ffffed1015cc5b8f R11: ffff8880ae62dc7b R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
FS: 00007f9eec92b7a0(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f9eec932000 CR3: 000000008a898000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
is_bpf_text_address+0x78/0x170 kernel/bpf/core.c:667
kernel_text_address+0x73/0xf0 kernel/extable.c:152
__kernel_text_address+0xd/0x40 kernel/extable.c:107
unwind_get_return_address arch/x86/kernel/unwind_frame.c:18 [inline]
unwind_get_return_address+0x61/0xa0 arch/x86/kernel/unwind_frame.c:13
__save_stack_trace+0x8a/0xf0 arch/x86/kernel/stacktrace.c:45
save_stack_trace+0x1a/0x20 arch/x86/kernel/stacktrace.c:60
save_stack+0x45/0xd0 mm/kasan/common.c:73
set_track mm/kasan/common.c:85 [inline]
__kasan_kmalloc mm/kasan/common.c:496 [inline]
__kasan_kmalloc.constprop.0+0xcf/0xe0 mm/kasan/common.c:469
kasan_kmalloc mm/kasan/common.c:504 [inline]
kasan_slab_alloc+0xf/0x20 mm/kasan/common.c:411
kmem_cache_alloc+0x12d/0x710 mm/slab.c:3543
anon_vma_chain_alloc mm/rmap.c:129 [inline]
anon_vma_clone+0x148/0x750 mm/rmap.c:269
anon_vma_fork+0xed/0x880 mm/rmap.c:332
dup_mmap kernel/fork.c:541 [inline]
dup_mm kernel/fork.c:1320 [inline]
copy_mm kernel/fork.c:1375 [inline]
copy_process+0x39f2/0x8860 kernel/fork.c:1917
_do_fork+0x1a9/0x1170 kernel/fork.c:2227
__do_sys_clone kernel/fork.c:2334 [inline]
__se_sys_clone kernel/fork.c:2328 [inline]
__x64_sys_clone+0xbf/0x150 kernel/fork.c:2328
do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f9eec00ef46
Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 14 25 10 00 00 00 31 d2 49 81 c2 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 31 01 00 00 85 c0 41 89 c4 0f 85 3b 01 00
RSP: 002b:00007ffc949a8750 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007ffc949a8750 RCX: 00007f9eec00ef46
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 00007ffc949a87b0 R08: 00000000000038d4 R09: 00000000000038d4
R10: 00007f9eec92ba70 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc949a8770 R14: 0000000000000005 R15: 0000000000000005